Advertisement
FlyFar

apparmor/home.ssh-mitm.bin.ssh

Aug 12th, 2023
2,005
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
SSH Config 1.42 KB | Cybersecurity | 0 0
  1. # Copyright (C) 2017-2018  Joe Testa <jtesta@positronsecurity.com>
  2. #
  3. # This program is free software: you can redistribute it and/or modify
  4. # it under the terms version 3 of the GNU General Public License as
  5. # published by the Free Software Foundation.
  6. #
  7. # This program is distributed in the hope that it will be useful,
  8. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  9. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  10. # GNU General Public License for more details.
  11. #
  12. # You should have received a copy of the GNU General Public License
  13. # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  14.  
  15.  
  16. #include <tunables/global>
  17.  
  18. /home/ssh-mitm/bin/ssh {
  19.  #include <abstractions/base>
  20.  
  21.   network inet stream,
  22.   network inet6 stream,
  23.   network unix stream,
  24.  
  25.   /dev/pts/* rw,
  26.   /dev/tty rw,
  27.   /proc/*/fd/ r,
  28.   /etc/nsswitch.conf r,
  29.   /etc/passwd r,
  30.  
  31.   /home/ssh-mitm/bin/ssh mr,
  32.  
  33.   # Allow reads to the config file.
  34.   /home/ssh-mitm/etc/ssh_config r,
  35.  
  36.   # Allow writes to the log file (for stderr logging of the "ssh" and "sftp"
  37.  # clients).
  38.   /home/ssh-mitm/client.log w,
  39.  
  40.   # Allow reads & writes to the tmp/ dir.
  41.   /home/ssh-mitm/tmp/* rw,
  42.  
  43.   # Allow the creation of the .ssh/ dir, and reads & writes to the known_hosts
  44.  # file.
  45.   /home/ssh-mitm/.ssh/ w,
  46.   /home/ssh-mitm/.ssh/known_hosts rw,
  47.  
  48.   # Allow SFTP logging.
  49.   /home/ssh-mitm/sftp_session_*.html w,
  50. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement