This file is indexed.

/etc/apparmor.d/usr.bin.evince is in evince 3.22.1-3+deb9u1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
# vim:syntax=apparmor
# Author: Kees Cook <kees@canonical.com>
#         Jamie Strandboge <jamie@canonical.com>

#include <tunables/global>

/usr/bin/evince {
  #include <abstractions/audio>
  #include <abstractions/bash>
  #include <abstractions/cups-client>
  #include <abstractions/dbus>
  #include <abstractions/dbus-session>
  #include <abstractions/dbus-accessibility>
  #include <abstractions/evince>
  #include <abstractions/ibus>
  #include <abstractions/nameservice>

  #include <abstractions/ubuntu-browsers>
  #include <abstractions/ubuntu-console-browsers>
  #include <abstractions/ubuntu-email>
  #include <abstractions/ubuntu-console-email>
  #include <abstractions/ubuntu-media-players>

  # Terminals for using console applications. These abstractions should ideally
  # have 'ix' to restrict access to what only evince is allowed to do
  #include <abstractions/ubuntu-gnome-terminal>

  # By default, we won't support launching a terminal program in Xterm or
  # KDE's konsole. It opens up too many unnecessary files for most users.
  # People who need this functionality can uncomment the following:
  ##include <abstractions/ubuntu-xterm>
  ##include <abstractions/ubuntu-konsole>

  /usr/bin/evince rmPx,
  /usr/bin/evince-previewer Px,
  /usr/bin/yelp Cx -> sanitized_helper,
  /usr/bin/bug-buddy px,
  # 'Show Containing Folder' (LP: #1022962)
  /usr/bin/nautilus Cx -> sanitized_helper, # Gnome
  /usr/bin/pcmanfm Cx -> sanitized_helper,  # LXDE
  /usr/bin/krusader Cx -> sanitized_helper, # KDE
  /usr/bin/thunar Cx -> sanitized_helper,   # XFCE

  # For Xubuntu to launch the browser
  /usr/bin/exo-open ixr,
  /usr/lib/@{multiarch}/xfce4/exo-1/exo-helper-1 ixr,
  /etc/xdg/xdg-xubuntu/xfce4/helpers.rc r,
  /etc/xdg/xfce4/helpers.rc r,

  # For text attachments
  /usr/bin/gedit ixr,

  # For Send to
  /usr/bin/nautilus-sendto Cx -> sanitized_helper,

  # allow directory listings (ie 'r' on directories) so browsing via the file
  # dialog works
  / r,
  /**/ r,

  # This is need for saving files in your home directory without an extension.
  # Changing this to '@{HOME}/** r' makes it require an extension and more
  # secure (but with 'rw', we still have abstractions/private-files-strict in
  # effect).
  owner @{HOME}/** rw,
  owner /media/**  rw,
  owner @{HOME}/.local/share/gvfs-metadata/** l,
  owner /{,var/}run/user/*/gvfs-metadata/** l,

  owner @{HOME}/.gnome2/evince/*       rwl,
  owner @{HOME}/.gnome2/accels/        rw,
  owner @{HOME}/.gnome2/accelsevince   rw,
  owner @{HOME}/.gnome2/accels/evince  rw,

  # Maybe add to an abstraction?
  /etc/dconf/**                                       r,
  owner @{HOME}/.cache/dconf/user                     rw,
  owner @{HOME}/.config/dconf/user                    r,
  owner /{,var/}run/user/*/dconf/                     w,
  owner /{,var/}run/user/*/dconf/user                 rw,
  owner /{,var/}run/user/*/dconf-service/keyfile/     w,
  owner /{,var/}run/user/*/dconf-service/keyfile/user rw,

  owner /{,var/}run/user/*/at-spi2-*/   rw,
  owner /{,var/}run/user/*/at-spi2-*/** rw,

  # from http://live.gnome.org/Evince/SupportedDocumentFormats. Allow
  # read and write for all supported file formats
  /**.[bB][mM][pP]     rw,
  /**.[dD][jJ][vV][uU] rw,
  /**.[dD][vV][iI]     rw,
  /**.[gG][iI][fF]     rw,
  /**.[jJ][pP][gG]     rw,
  /**.[jJ][pP][eE][gG] rw,
  /**.[oO][dD][pP]     rw,
  /**.[fFpP][dD][fF]   rw,
  /**.[pP][nN][mM]     rw,
  /**.[pP][nN][gG]     rw,
  /**.[pP][sS]         rw,
  /**.[eE][pP][sS]     rw,
  /**.[tT][iI][fF]     rw,
  /**.[tT][iI][fF][fF] rw,
  /**.[xX][pP][mM]     rw,
  /**.[gG][zZ]         rw,
  /**.[bB][zZ]2        rw,
  /**.[cC][bB][rRzZ7]  rw,
  /**.[xX][zZ]         rw,

  # evince creates a temporary stream file like '.goutputstream-XXXXXX' in the
  # directory a file is saved. This allows that behavior.
  owner /**/.goutputstream-* w,
}

/usr/bin/evince-previewer {
  #include <abstractions/audio>
  #include <abstractions/bash>
  #include <abstractions/cups-client>
  #include <abstractions/dbus-session>
  #include <abstractions/dbus-accessibility>
  #include <abstractions/dbus-strict>
  #include <abstractions/evince>
  #include <abstractions/ibus>
  #include <abstractions/nameservice>

  #include <abstractions/ubuntu-browsers>
  #include <abstractions/ubuntu-console-browsers>
  #include <abstractions/ubuntu-email>
  #include <abstractions/ubuntu-console-email>
  #include <abstractions/ubuntu-media-players>

  # Terminals for using console applications. These abstractions should ideally
  # have 'ix' to restrict access to what only evince is allowed to do
  #include <abstractions/ubuntu-gnome-terminal>

  # By default, we won't support launching a terminal program in Xterm or
  # KDE's konsole. It opens up too many unnecessary files for most users.
  # People who need this functionality can uncomment the following:
  ##include <abstractions/ubuntu-xterm>

  /usr/bin/evince-previewer mr,
  /usr/bin/yelp Cx -> sanitized_helper,
  /usr/bin/bug-buddy px,

  # Lenient, but remember we still have abstractions/private-files-strict in
  # effect). Write is needed for 'print to file' from the previewer.
  @{HOME}/ r,
  @{HOME}/** rw,

  # Maybe add to an abstraction?
  owner /{,var/}run/user/*/dconf/          w,
  owner /{,var/}run/user/*/dconf/user      rw,
}

/usr/bin/evince-thumbnailer {
  #include <abstractions/dbus-session>
  #include <abstractions/evince>

  # The thumbnailer doesn't need access to everything in the nameservice
  # abstraction. Allow reading of /etc/passwd and /etc/group, but suppress
  # logging denial of nsswitch.conf.
  /etc/passwd r,
  /etc/group r,
  deny /etc/nsswitch.conf r,

  # TCP/UDP network access for NFS
  network inet  stream,
  network inet6 stream,
  network inet  dgram,
  network inet6 dgram,

  /usr/bin/evince-thumbnailer mr,

  # Lenient, but remember we still have abstractions/private-files-strict in
  # effect).
  @{HOME}/ r,
  owner @{HOME}/** rw,
  owner /media/**  rw,
}