[apparmor] [Merge] lp:~sdeziel/apparmor-profiles/usr.bin.thunderbird-profile into lp:apparmor-profiles
Simon Deziel
simon.deziel at gmail.com
Tue Feb 9 16:49:02 UTC 2016
On 2016-01-14 08:46 AM, Jamie Strandboge wrote:
> On 01/14/2016 05:27 AM, Simon McVittie wrote:
>> On 13/01/16 20:21, Jamie Strandboge wrote:
>>> This comes from how Ubuntu (and I believe Debian) launch the binary.
>>> /usr/bin/thunderbird is a symlink to /usr/lib/thunderbird/thunderbird.sh. We
>>> didn't want to confine this file but instead /usr/lib/thunderbird/thunderbird.
>>
>> FWIW, Debian ships code remarkably similar to Thunderbird under the name
>> Icedove, for the same trademark reasons as Firefox/Iceweasel.
>> /usr/bin/icedove is a symlink to /usr/lib/icedove/icedove which seems to
>> be the real executable.
>>
>>> The glob is there because iirc ppa builds and older releases might use something
>>> different than /usr/lib/thunderbird/thunderbird.
>>
>> How much do you want to support those PPA builds and older releases,
>> bearing in mind that if you meaningfully supported them, you'd probably
>> already know how they're structured? :-)
>>
> I wasn't saying we should continue with the glob; I was trying to give
> historical context. I vote for:
>
> profile thunderbird /usr/lib/thunderbird/thunderbird { ... }
Done
> If we want to try to incorporate icedove, it could be done in a followup patch
> with alternations in the binary attachment and the rules.
I'd also like to see this done in a follow-up patch. If you agree, the
current bzr merge proposal would be ready to merge now.
Thanks,
Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160209/17df7537/attachment.pgp>
More information about the AppArmor
mailing list