[apparmor] [Merge] ~u-d/apparmor-profiles:thunderbird/launcher into apparmor-profiles:master
intrigeri
intrigeri at boum.org
Sat Jul 1 16:14:03 UTC 2017
Review: Needs Fixing
This looks good, but I have one question and would like to see one issue fixed.
Diff comments:
> diff --git a/ubuntu/17.04/usr.bin.thunderbird b/ubuntu/17.04/usr.bin.thunderbird
> index e74e9f5..ab9a9d9 100644
> --- a/ubuntu/17.04/usr.bin.thunderbird
> +++ b/ubuntu/17.04/usr.bin.thunderbird
> @@ -175,6 +175,20 @@ profile thunderbird /usr/lib/thunderbird/thunderbird {
> /{usr/,}bin/uname Uxr,
> /usr/bin/locale Uxr,
>
> + # We want people to open attachments.
> + # This should work for most users, not only GNOME users.
> + # Thunderbird should use *-open but it does not, so we need to allow
> + # launching programs from /usr/bin.
> + # Programs that have a profile though should be called using Px,
> + # the others using sanitized_helper at least.
This last rule makes sense to me. But then in the next 6 following lines, I see 3 lines that apply it, and 3 others that don't (*-open). So my question is: why are *-open not run under sanitized_helper?
> + /usr/bin/gnome-open rmix,
> + /usr/bin/xdg-open rmix,
> + /usr/bin/exo-open rmix,
> + /{usr/,}bin/* Cx -> sanitized_helper,
> + /usr/bin/evince Pix,
> + /usr/bin/totem Pix,
Please use paths that work with merged-/usr i.e. for example /{usr/,}bin/evince. I've spent lots of time eliminating all these incompatibilities and would rather not see us add new ones now :)
> +
> +
> /usr/bin/gpg Cx -> gpg,
>
> profile gpg {
--
https://code.launchpad.net/~u-d/apparmor-profiles/+git/apparmor-profiles/+merge/320276
Your team AppArmor Developers is requested to review the proposed merge of ~u-d/apparmor-profiles:thunderbird/launcher into apparmor-profiles:master.
More information about the AppArmor
mailing list