mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-22 01:57:43 +00:00
6a5432b2b0
ArchLinux ships a secondary PHP package called php-legacy with different paths. As of now, the php-fpm profile will cover this binary but inadequately restrict it. Fixes: #454
44 lines
1.2 KiB
Plaintext
44 lines
1.2 KiB
Plaintext
# vim:syntax=apparmor
|
|
# ------------------------------------------------------------------
|
|
#
|
|
# Copyright (C) 2002-2006 Novell/SUSE
|
|
# Copyright (C) 2009-2010 Canonical Ltd.
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of version 2 of the GNU General Public
|
|
# License published by the Free Software Foundation.
|
|
#
|
|
# ------------------------------------------------------------------
|
|
|
|
abi <abi/4.0>,
|
|
|
|
# shared snippets for config files
|
|
/etc/php{,5,7,8,-legacy}/** r,
|
|
|
|
# Xlibs
|
|
/usr/X11R6/lib{,32,64}/lib*.so* mr,
|
|
# php extensions
|
|
/usr/lib{64,}/php{,5,7,8,-legacy}/*/*.so mr,
|
|
|
|
# ICU (unicode support) data tables
|
|
/usr/share/icu/*/*.dat r,
|
|
|
|
# php session mmap socket
|
|
/var/lib/php{,5,7,8,-legacy}/session_mm_* rwlk,
|
|
# file based session handler
|
|
/var/lib/php{,5,7,8,-legacy}/sess_* rwlk,
|
|
/var/lib/php{,5,7,8,-legacy}/sessions/* rwlk,
|
|
|
|
# php libraries
|
|
/usr/share/php{,5,7,8,-legacy}/ r,
|
|
/usr/share/php{,5,7,8,-legacy}/** mr,
|
|
|
|
# MySQL extension
|
|
/usr/share/mysql/** r,
|
|
|
|
# Zend opcache
|
|
/tmp/.ZendSem.* rwlk,
|
|
|
|
# Include additions to the abstraction
|
|
include if exists <abstractions/php.d>
|