1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
# Last Modified: Wed Jul 15 15:26:31 2015
#include <tunables/global>
/usr/bin/extract {
/dev/shm/LE-* rw,
/etc/ld.so.cache mr,
/usr/bin/extract mr,
/usr/lib/gconv/gconv-modules r,
/usr/lib/libFLAC.so.* mr,
/usr/lib/libacl.so.* mr,
/usr/lib/libarchive.so.* mr,
/usr/lib/libattr.so.* mr,
/usr/lib/libbz2.so.* mr,
/usr/lib/libc-*.so mr,
/usr/lib/libcrypto.so.* mr,
/usr/lib/libdl-*.so mr,
/usr/lib/libexiv2.so.* mr,
/usr/lib/libexpat.so.* mr,
/usr/lib/libextractor.so.* mr,
/usr/lib/libextractor/ r,
/usr/lib/libextractor/libextractor_*.so mr,
/usr/lib/libextractor_common.so.* mr,
/usr/lib/libgcc_s.so.* mr,
/usr/lib/libjpeg.so.* mr,
/usr/lib/libltdl.so.* mr,
/usr/lib/liblzma.so.* mr,
/usr/lib/liblzo2.so.* mr,
/usr/lib/libm-*.so mr,
/usr/lib/libmagic.so.* mr,
/usr/lib/libmpeg2.so.* mr,
/usr/lib/libogg.so.* mr,
/usr/lib/libpthread-*.so mr,
/usr/lib/librt-*.so mr,
/usr/lib/libstdc++.so.* mr,
/usr/lib/libtiff.so.* mr,
/usr/lib/libvorbis.so.* mr,
/usr/lib/libvorbisfile.so.* mr,
/usr/lib/libz.so.* mr,
/usr/lib/locale/locale-archive r,
/usr/share/file/misc/magic.mgc r,
/usr/share/locale/fr/LC_MESSAGES/libc.mo r,
/usr/share/locale/fr/LC_MESSAGES/libextractor.mo r,
/usr/share/locale/locale.alias r,
deny @{HOME}/.* r,
deny @{HOME}/.*/** r,
#files where extract can be used
owner @{HOME}/** r,
/media/** r,
@{PROC}/@{pid}/maps r,
}
|
