[apparmor] [Bug 1609439] Re: Firefox profile has too much access
Simon Déziel
1609439 at bugs.launchpad.net
Fri Aug 5 16:43:35 UTC 2016
On 2016-08-05 11:59 AM, Vincas Dargis wrote:
> So it's like.. no a bug, it's by design? Though these explicit real
> rules in usr.bin.firefox looks very misleading in this case.
I agree with you, the profile should be tighten up. Since the profile is
disabled by default, I think the regression potential is rather low and
the security benefits are high.
I'd like to hear from other users of the profile though.
--
You received this bug notification because you are a member of AppArmor
Developers, which is subscribed to AppArmor Profiles.
https://bugs.launchpad.net/bugs/1609439
Title:
Firefox profile has too much access
Status in AppArmor Profiles:
New
Bug description:
usr.bin.firefox in Kubuntu 16.04.1 profile has some fine grained rules
defined concerning home directory, such as:
owner @{HOME}/ r,
...
owner @{HOME}/.{firefox,mozilla}/ rw,
owner @{HOME}/.{firefox,mozilla}/** rw,
owner @{HOME}/.{firefox,mozilla}/**/*.{db,parentlock,sqlite}* k,
owner @{HOME}/.{firefox,mozilla}/**/plugins/** mr,
owner @{HOME}/.{firefox,mozilla}/plugins/** mr,
owner @{HOME}/Downloads/ r,
owner @{HOME}/Downloads/* rw,
owner @{HOME}/Public/ r,
owner @{HOME}/Public/* r,
...
It *looks* strict at first sight, but I still can read some arbitrary files from my home (sub)directory, such as
/home/vincas/talkless.pqi
/home/vincas/code/something...
It *does* protect .ssh/id_rsa.pub and such, for example, so denies
kinda works from "private-files-strict" include.
I've checked apparor_parser -d -d, I can see some @{HOME}/** rw...
rules, though it looks like it should belong to browser_java,
browser_openjdk subprofiles, but it looks like if they are "leaking"
somehow for main process.
I'm attaching apparmor_parser -d -d and -p outputs.
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor-profiles/+bug/1609439/+subscriptions
More information about the AppArmor
mailing list