<p></p>
<p>I drafted an AppArmor profile for Bisq <a href="https://github.com/komachi/apparmor-even-more-profiles/blob/master/profiles/opt.Bisq.Bisq">https://github.com/komachi/apparmor-even-more-profiles/blob/master/profiles/opt.Bisq.Bisq</a></p>
<p>It works for me on debian stable. I propose shipping an AppArmor profile (you can take mine) as part of deb and rpm packages. This is greatly reduce effect of possible vulnerabilities at nearly no cost other than maintaining this profile. Only users with AppArmor enabled will benefit from this, but that's a lot, given that Ubuntu, Debian and others has it enabled by default.</p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/bisq-network/bisq/issues/4288">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AJFFTNSDRGJ7L22PLMFAT4TRVZCP3ANCNFSM4NZPCBQQ">unsubscribe</a>.<img src="https://github.com/notifications/beacon/AJFFTNS6L5CWMC7E2L5YQ5LRVZCP3A5CNFSM4NZPCBQ2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4JPAYX6A.gif" height="1" width="1" alt="" /></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/bisq-network/bisq/issues/4288",
"url": "https://github.com/bisq-network/bisq/issues/4288",
"name": "View Issue"
},
"description": "View this Issue on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>