According to document in whonix wiki i have installed maximum apparmor profiles in both GATEWAY and WORKSTATION
sudo apt-get install apparmor-profiles apparmor-profiles-extra apparmor-profiles-kicksecure
and then as per documentation recommendation i have enforced all profiles in /etc/apparmor.d/
sudo aa-enforce /etc/apparmor.d/*
now upon checking denied logs i have seen some denied entries from Whonix firewall …
is it safe ?