Edit file File name : private-files-strict Content :# vim:syntax=apparmor # privacy-violations-strict contains additional rules for sensitive # files that you want to explicitly deny access #include <abstractions/private-files> # potentially extremely sensitive files audit deny @{HOME}/.aws/{,**} mrwkl, audit deny @{HOME}/.gnupg/{,**} mrwkl, audit deny @{HOME}/.ssh/{,**} mrwkl, audit deny @{HOME}/.gnome2_private/{,**} mrwkl, audit deny @{HOME}/.gnome2/ w, audit deny @{HOME}/.gnome2/keyrings/{,**} mrwkl, # don't allow access to any gnome-keyring modules audit deny /{,var/}run/user/[0-9]*/keyring** mrwkl, audit deny @{HOME}/.mozilla/{,**} mrwkl, audit deny @{HOME}/.config/ w, audit deny @{HOME}/.config/chromium/{,**} mrwkl, audit deny @{HOME}/.config/evolution/{,**} mrwkl, audit deny @{HOME}/.evolution/{,**} mrwkl, audit deny @{HOME}/.{,mozilla-}thunderbird/{,**} mrwkl, audit deny @{HOME}/.kde{,4}/{,share/,share/apps/} w, audit deny @{HOME}/.kde{,4}/share/apps/kmail{,2}/{,**} mrwkl, audit deny @{HOME}/.kde{,4}/share/apps/kwallet/{,**} mrwkl, Save