[apparmor] [Merge] ~intrigeri/apparmor-profiles/+git/apparmor-profiles:gnome-3.26 into apparmor-profiles:master
intrigeri
intrigeri at boum.org
Thu Oct 26 08:06:36 UTC 2017
Steve Beattie:
> Can PUx be used for bwrap instead, to scrub the environment before invoking bubblewrap?
No, as said in commit 2194269942c5393b1f657a9117d3839da5dbf279:
We don't scrub environment variables because bwrap will reuse $HOME
(see bwrap(1)) and clean the environment itself.
IIRC I've tested the version with environment scrubbing first, saw it fail and read more about bwrap.
> If it turns out bwrap really does need unfiltered environment variables, then please report back and we can adjust.
I'll test what was merged and will submit a new MR if it's broken.
--
https://code.launchpad.net/~intrigeri/apparmor-profiles/+git/apparmor-profiles/+merge/332769
Your team AppArmor Developers is subscribed to branch apparmor-profiles:master.
More information about the AppArmor
mailing list