HEX
Server: nginx/1.26.1
System: Linux main-vm 5.15.0-153-generic #163-Ubuntu SMP Thu Aug 7 16:37:18 UTC 2025 x86_64
User: root (0)
PHP: 8.2.19
Disabled: NONE
$ pwd: /snap/core24/current/etc/apparmor.d/abstractions/
Upload Files
File: //snap/core24/current/etc/apparmor.d/abstractions/private-files-strict
# vim:syntax=apparmor
# privacy-violations-strict contains additional rules for sensitive
# files that you want to explicitly deny access

  abi <abi/4.0>,

  include <abstractions/private-files>

  # potentially extremely sensitive files
  audit deny @{HOME}/.aws/{,**} mrwkl,
  audit deny @{HOME}/.gnupg/{,**} mrwkl,
  audit deny @{HOME}/.ssh/{,**} mrwkl,
  audit deny @{HOME}/.gnome2_private/{,**} mrwkl,
  audit deny @{HOME}/.gnome2/ w,
  audit deny @{HOME}/.gnome2/keyrings/{,**} mrwkl,
  # don't allow access to any gnome-keyring modules
  audit deny @{run}/user/[0-9]*/keyring** mrwkl,
  audit deny @{HOME}/.mozilla/{,**} mrwkl,
  audit deny @{HOME}/.config/ w,
  audit deny @{HOME}/.config/chromium/{,**} mrwkl,
  audit deny @{HOME}/.config/evolution/{,**} mrwkl,
  audit deny @{HOME}/.evolution/{,**} mrwkl,
  audit deny @{HOME}/.{,mozilla-}thunderbird/{,**} mrwkl,
  audit deny @{HOME}/.kde{,4}/{,share/,share/apps/} w,
  audit deny @{HOME}/.kde{,4}/share/apps/kmail{,2}/{,**} mrwkl,
  audit deny @{HOME}/.kde{,4}/share/apps/kwallet/{,**} mrwkl,
  audit deny @{HOME}/.local/share/kwalletd/{,**} mrwkl,

  # Include additions to the abstraction
  include if exists <abstractions/private-files-strict.d>
@ Telegram