# Description: Can access the Mir display server as a client
# Usage: common

# TODO: is this needed by the client too? If it is, then we need to change the
# usage to 'reserved' until we have seccomp arg filtering implemented.
#capability chown,
#capability fowner,

# Socket to talk on
/run/mir_socket rw,

# FIXME: this is problematic with the current approach of forking and renaming
# the mir-template snap since the label will not match the server. This might
# be needed for the anonymous seqpacket socket? This needs to be refined.
unix (connect, send, receive) peer=(label="mir{,.*}_server-compositor_*"),

# For non-opengl apps
# https://www.kernel.org/doc/gorman/html/understand/understand015.html
/dev/shm/\#* rw,

# udev
deny /etc/udev/udev.conf r,
deny /run/udev/data/* r,

# FIXME: this is an information leak until AppArmor implements kernel variables
owner @{PROC}/@{pid}/cmdline r,

# FIXME: these should be part of (hw-)assign, not this policy group
# /dev/dri/card0 rw, # hardware acceleration
# /sys/devices/*/*/*/drm/card0/uevent r,

# FIXME: this is too lenient, please adjust for specific accesses
# /sys/devices/*/*/*/uevent r,

/usr/share/applications/ r,

# Library snaps will allow things like this, but this creates a tight coupling
# between mir and consumers of mir, so leave it out for now.
#@{INSTALL_DIR}/mir{,.*}/ r,
#@{INSTALL_DIR}/mir{,.*}/** r,
#@{INSTALL_DIR}/mir{,.*}/**/lib.so* mr,