# Last Modified: Tue Oct 9 21:59:30 2007 # Firefox Intrepid AMD64, 3.0.7 # (Uses JailBuddy for execute brokerage: # http://jdong.mit.edu/~jdong/jailbuddy/jailbuddy/bin/Debug/ #include /usr/lib/firefox-3.0.7/firefox { #include #include #include #include #include #include #include capability sys_ptrace, / r, /bin/bash ixr, /bin/dash ixr, /bin/grep ixr, /bin/ls ixr, /bin/ps ixr, /bin/pwd ixr, /bin/sed ixr, /bin/which ixr, /etc/firefox/** r, /etc/gai.conf r, /etc/gnome/defaults.list r, /etc/java-6-sun/** r, /etc/mailcap r, /etc/mime.types r, /etc/mtab r, /etc/python2.5/site.py r, /etc/sound/events/gtk-events-2.soundlist r, /tmp/** lmrw, /tmp/*gpg* ixr, /usr/bin/basename ixr, /usr/bin/dirname ixr, /usr/local/bin/jailbuddy Uxr, /usr/bin/expr ixr, /usr/bin/gedit ixr, /usr/bin/gksu ixr, /usr/bin/md5sum ixr, /usr/bin/python2.5 ixr, /usr/bin/seahorse-tool ixr, /usr/bin/sudo ixr, /etc/gre.d/** r, /etc/gre.d/ r, /usr/bin/totem ixr, /usr/lib/** mr, /usr/lib/firefox-*/firefox ixr, /usr/lib/firefox-*/firefox-bin ixr, /usr/lib/firefox-*/run-mozilla.sh ixr, /usr/lib/gamin/gam_server ixr, /usr/lib/jvm/** r, /usr/lib/jvm/**/bin/java_vm ixr, /usr/lib/libgconf2-4/gconfd-2 ix, /usr/local/lib/python2.5/site-packages/ r, /usr/local/share/applications/ r, /usr/local/share/applications/mimeinfo.cache r, /usr/local/share/icons/ r, /usr/sbin/synaptic ixr, /usr/share/applications/ r, /usr/share/applications/* r, /usr/share/firefox/** r, /usr/share/fonts/** mr, /usr/share/gdm/applications/ r, /usr/share/gdm/applications/mimeinfo.cache r, /usr/share/libthai/** r, /usr/share/myspell/*/ r, /usr/share/myspell/dicts/* r, /usr/share/synaptic/glade/* r, /usr/share/ubuntu-artwork/* r, /usr/share/ubuntu-artwork/** r, /usr/share/ubuntu-artwork/*/* r, @{HOME}/.Xauthority r, @{HOME}/.fontconfig/* mr, @{HOME}/.fonts.conf r, @{HOME}/.fonts/* mr, # @{HOME}/.gnome2_private/ rw, @{HOME}/.icons/ rw, @{HOME}/.icons/** rw, /usr/lib/firefox-*/firefox.sh rix, @{HOME}/.java/** kmrw, @{HOME}/.local/share/applications/ r, @{HOME}/.local/share/applications/* r, @{HOME}/.local/share/icons/ r, @{HOME}/.local/share/icons/** r, @{HOME}/.macromedia/** kmrw, @{HOME}/.mozilla/firefox/** krw, @{HOME}/.mozilla/firefox/**.so mr, @{HOME}/.recently-used.* w, @{HOME}/.recently-used.xbel.9DTRZT r, @{HOME}//.config/* r, @{HOME}//.config/gtk-2.0/* rw, @{HOME}/.Private/** rwk, @{HOME}/Private/.mozilla/** rwk, @{HOME}/Private.local/share/applications/ r, @{HOME}/Private.local/share/applications/* r, /usr/share/** r, @{HOME}/Private/.local/share/icons/ r, @{HOME}/Private/.local/share/icons/** r, @{HOME}/Private/.macromedia/** kmrw, @{HOME}/Private/.mozilla/firefox/** krw, @{HOME}/Private/.mozilla/firefox/**.so mr, @{HOME}/Private/.recently-used.* w, @{HOME}/Private/.recently-used.xbel.9DTRZT r, @{HOME}/Private/.config/* r, @{HOME}/Private/.config/gtk-2.0/* rw, @{HOME}/Private/.local/** r, @{HOME}/Private/Downloads/** rw, @{HOME}/Private/Downloads/*/ rw, @{HOME}/Private/Desktop/** krw, @{HOME}/.adobe/** rwk, @{HOME}/Private/tmp/** krw, owner @{PROC}/*/maps r, owner @{PROC}/*/mounts r, @{PROC}/meminfo r, @{PROC}/stat r, @{PROC}/version r, @{PROC}/**/stat r, owner @{PROC}/**/* r, audit deny @{HOME}/.ssh/* rw, audit deny @{HOME}/.Private/.ssh/* rw, audit deny @{HOME}/Private/.ssh/* rw, audit deny @{HOME}/.gnupg/* rw, audit deny @{HOME}/.Private/.gnupg/* rw, audit deny @{HOME}/Private/.gnupg/* rw, /etc/pulse/** r, /dev/shm/ r, /dev/shm/** rw, @{PROC}/uptime r, @{PROC}/ r, @{PROC}/pid_max r, }