AppArmor: allow using glycin-loaders via bwrap

My initial implementation was NIH, after which I was pointed to https://github.com/roddhjav/apparmor.d/blob/main/apparmor.d/groups/children/glycin, so I opted for importing and adapting this policy, since we can't easily depend on it.

I've imported the version that does not use AppArmor policy namespaces. Note that the upstream version uses complain mode for bwrap and the glycin loaders, so these processes would be almost unconfined ("almost" because deny rules are enforced in complain mode). I've removed this in our version, so we run them with the corresponding profiles in enforce mode.

For the record, there's another version available that uses AppArmor policy namespaces (for details and more context, see https://github.com/roddhjav/apparmor.d/pull/966 and https://gitlab.com/apparmor/apparmor/-/wikis/AppArmorNamespaces). I did not choose that other version, because:

  • It requires an apparmor_parser with https://gitlab.com/apparmor/apparmor/-/merge_requests/1829, which is not available in common distros yet.
  • I understand it's only useful when the browser sets nnp, which apparently is not the case in Tor Browser started via torbrowser-launcher installed from Debian. I suppose it would be different for the Flatpak, but in that case the AppArmor policy is not applied, and glycin will use a different code path for sandboxing anyway.

Closes #50

Edited by intrigeri
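As an added check, not code from this merge request or from the apparmor.d policy it imports, the following POSIX shell script reports, for a running process, its AppArmor label and mode as exposed under /proc/<pid>/attr and its NoNewPrivs flag from /proc/<pid>/status. It gives a quick way to confirm that bwrap and the glycin loaders actually run under enforce-mode profiles (a complain-mode profile only logs would-be denials and blocks just its explicit deny rules), and whether the browser sets no_new_privs, the condition on which the policy-namespaces variant depends. The profile names in the comments are illustrative placeholders; finding the pids is left to the caller.

```shell
#!/bin/sh
# Added example, not code from this merge request or from apparmor.d.
# Reports a process's AppArmor confinement (label + mode) and its
# no_new_privs flag, read straight from /proc. Profile names used in
# comments ("bwrap", "glycin-loader") are illustrative placeholders.

# Classify the label read from /proc/<pid>/attr/apparmor/current, which looks
# like "bwrap (enforce)", "glycin-loader (complain)" or plain "unconfined".
# Prints: enforce | complain | unconfined | other
aa_mode_of_label() {
    case "$1" in
        unconfined)    echo unconfined ;;
        *'(enforce)')  echo enforce ;;
        *'(complain)') echo complain ;;
        *)             echo other ;;
    esac
}

# Pull the NoNewPrivs value (0 or 1) out of the text of /proc/<pid>/status.
# Prints nothing on kernels that do not expose the field.
nnp_from_status() {
    printf '%s\n' "$1" | awk '$1 == "NoNewPrivs:" { print $2 }'
}

# Read the AppArmor label of a live pid. Newer kernels expose it under
# attr/apparmor/current, older ones only under attr/current.
aa_label_of_pid() {
    pid="$1"
    if [ -r "/proc/$pid/attr/apparmor/current" ]; then
        cat "/proc/$pid/attr/apparmor/current"
    else
        cat "/proc/$pid/attr/current" 2>/dev/null || echo unconfined
    fi
}

# Print one summary line for a pid and return success only when the process
# is under an enforce-mode profile. A complain-mode profile logs would-be
# denials but blocks only explicit deny rules, so it is reported as a failure.
report_pid() {
    pid="$1"
    label=$(aa_label_of_pid "$pid")
    mode=$(aa_mode_of_label "$label")
    nnp=$(nnp_from_status "$(cat "/proc/$pid/status")")
    printf 'pid=%s label="%s" mode=%s no_new_privs=%s\n' \
        "$pid" "$label" "$mode" "${nnp:-unknown}"
    [ "$mode" = enforce ]
}

# Usage: sh aa-check.sh PID [PID...]   e.g. the pids of bwrap, the glycin
# loaders and the browser itself. Without arguments the functions are only
# defined, so the file can also be sourced.
for p in "$@"; do
    report_pid "$p" || :
done
```

Run it against the pids of the browser, bwrap and a loader while an image is being decoded; a `mode=complain` line means the profile is loaded but not enforced, and `no_new_privs=0` on the browser is the situation described above in which the namespaces variant would bring nothing.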
