$ cat /proc/version_signature
Ubuntu 3.2.0-107.148-generic 3.2.79
# Transcript: checks which accesses an AppArmor profile denies for a path that
# none of its allow rules match. The kernel build above is the one tested.
# Setup: /tmp/foo is created outside confinement, before the profile is used.
$ echo foo > /tmp/foo
$ # allow access to all files except for paths that start with /t
# The profile holds a single allow rule. [^t] excludes only the first character
# after the leading slash, so nothing under /tmp matches it and access there
# has no rule granting it.
$ echo "profile test { /[^t]** rwkix, }" | sudo apparmor_parser -qr
# Listing the directory requires opening /tmp for reading: denied.
$ aa-exec -p test -- ls /tmp
ls: cannot open directory /tmp: Permission denied
# NOTE(review): naming the file directly succeeds although no rule matches
# /tmp/foo. Presumably ls only needs stat-style metadata for a single path and
# that lookup is not denied under this profile on this kernel -- confirm for
# the AppArmor version in use. Consequence for profile authors: a confined
# process can confirm that a known path exists, so path rules like this one
# should not be relied on to hide file names or file existence.
$ aa-exec -p test -- ls /tmp/foo
/tmp/foo
# Opening the file to read its contents is still denied.
$ aa-exec -p test -- cat /tmp/foo
cat: /tmp/foo: Permission denied