[Bug 2055402] Re: Though lintian call: error: troff: Segmentation fault
Colin Watson
2055402 at bugs.launchpad.net
Thu Jul 4 07:25:30 UTC 2024
I would like to add a small correction here regarding the intent of man-
db's AppArmor policy. The intent is _not_ to confine where the man
program itself can write, as is noted in the policy itself:
# Allow basically anything in terms of file system access, subject to DAC.
# The purpose of this profile isn't to confine man itself (that might be
# nice in the future, but is tricky since it's quite configurable), but to
# confine the processes it calls that parse untrusted data.
/** mrixwlk,
However, the man_groff sub-profile is more constrained, and that's used
for the groff-related subprocesses that man forks. That's what's
triggering denials here.
In some ways I wonder if that means that the problem is a leaky
abstraction of sorts. We're trying to confine man's groff-related
subprocesses, but we pass through FDs to them. One possibility might be
to have groff write to a pipe instead in this situation and stream it
through man to the output file. Slightly less efficient, but it might
not be too unreasonable.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to lintian in Ubuntu.
https://bugs.launchpad.net/bugs/2055402
Title:
Though lintian call: error: troff: Segmentation fault
Status in lintian package in Ubuntu:
Confirmed
Bug description:
groff crash when redirecting output to a file
% man --warnings -E UTF-8 -l -Tutf8 -Z /usr/share/man/man1/cat.1.gz >output
troff:<standard input>:3: fatal error: unable to flush output file: Permission denied
groff: error: troff: Segmentation fault (core dumped)
man: command exited with status 2: /usr/libexec/man-db/zsoelim | /usr/libexec/man-db/manconv -f UTF-8:ISO-8859-1 -t UTF-8//IGNORE | preconv -e UTF-8 | tbl | groff -mandoc -Z -rLL=78n -rLT=78n -wmac -Tutf8
This is typically triggered by lintian when scanning man pages
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lintian/+bug/2055402/+subscriptions
More information about the foundations-bugs
mailing list