[apparmor] [profile] Evince: the lack of "private-files-strict" and a lenient, dangerous rules related to @{HOME} folder.
Seth Arnold
seth.arnold at canonical.com
Wed Nov 29 20:33:09 UTC 2017
Hello Daniel,
On Wed, Nov 29, 2017 at 05:02:25PM +0000, daniel curtis wrote:
> I'm asking, because Evince is a document viewer (PostScript, PDF).
> Of course it allows e.g. printing PS files, EPS etc., text searching, hypertext
> navigation and bookmarks with index when it is available in the document
> and so on. So, are these rules above necessary?
Believe me, we get _so many bug reports_ about various pieces of evince
that don't work due to AppArmor profiles that you're going to have a very
hard time selling us on removing rules from the default profile.
Distro-provided profiles will always be too permissive for some users. The
long-term vision for these users involves stacking profiles together
to further restrict operations. You can do this today, sortof, but it
takes some work.
> I would like to remove all unnecessary rules. Just like with Firefox
> profile where, by default, files can be downloaded to every folder in
> @{HOME}. I'd to make some changes: add about 6 rules to the Firefox profile
> and edit "/abstractions/ubuntu browsers.d/user-files"
> (that's a place with rules that allow write access everywhere in $HOME
> etc.)
>
> After mentioned changes, users can download only to the "Download" folder,
> not everywhere. Oh, and I added an abstractions "private-files" rule. (Plus
> two more needed rules, because of a "DENIED" entry.) I think it's a safer
> solution, but maybe I'm wrong.
Strictly speaking, even if you remove the ~/** rw, kinds of rules from
firefox's profile, you'll still be able to download to any writable
location in the profile. Doing any different would require modifications
to Firefox.
Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20171129/5a46921d/attachment.sig>
More information about the AppArmor
mailing list