HEX
Server: Apache/2.4.52 (Ubuntu)
System: Linux ip-172-31-27-128 6.8.0-1033-aws #35~22.04.1-Ubuntu SMP Wed Jul 23 17:51:00 UTC 2025 x86_64
User: ubuntu (1000)
PHP: 8.1.2-1ubuntu2.22
Disabled: NONE
$ pwd: /etc/apparmor.d/abstractions/ubuntu-browsers.d/
Upload Files
File: //etc/apparmor.d/abstractions/ubuntu-browsers.d/user-files
# vim:syntax=apparmor

  abi <abi/3.0>,

  # Allow read to all files user has DAC access to and write access to all
  # files owned by the user in $HOME.
  @{HOME}/ r,
  @{HOME}/** r,
  owner @{HOME}/** w,

  # Do not allow read and/or write to particularly sensitive/problematic files
  include <abstractions/private-files>
  audit deny @{HOME}/.ssh/{,**} mrwkl,
  audit deny @{HOME}/.gnome2_private/{,**} mrwkl,
  audit deny @{HOME}/.kde{,4}/{,share/,share/apps/} w,
  audit deny @{HOME}/.kde{,4}/share/apps/kwallet/{,**} mrwkl,
  audit deny @{HOME}/.local/share/kwalletd/{,**} mrwkl,

  # Comment this out if using gpg plugin/addons
  audit deny @{HOME}/.gnupg/{,**} mrwkl,

  # Allow read to all files user has DAC access to and write for files the user
  # owns on removable media and filesystems.
  /media/** r,
  /mnt/** r,
  /srv/** r,
  /net/** r,
  owner /media/** w,
  owner /mnt/** w,
  owner /srv/** w,
  owner /net/** w,
@ Telegram