[apparmor] [Bug 1706870] Re: usr.bin.thunderbird denies on Debian
intrigeri
intrigeri at boum.org
Sun Sep 3 07:18:29 UTC 2017
Thanks a lot for reporting this upstream, but sadly the profile shipped
in Debian has diverged from the one found in lp:apparmor-profiles (I've
just initiated a discussion about this topic:
https://bugs.debian.org/874100).
This being said, I think it's a mistake that the security backports of
Thunderbird for Wheezy & Jessie introduced the AppArmor profile that was
meant for Stretch and newer: I don't think we're ready to support that
profile in Wheezy & Jessie. Can you please file a bug report in Debian
about this?
** Bug watch added: Debian Bug tracker #874100
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874100
--
You received this bug notification because you are a member of AppArmor
Developers, which is subscribed to AppArmor Profiles.
https://bugs.launchpad.net/bugs/1706870
Title:
usr.bin.thunderbird denies on Debian
Status in AppArmor Profiles:
New
Status in thunderbird package in Debian:
New
Bug description:
After update on Debian 8 Jessie usr.bin.thunderbird appeared, and now
now I see some DENIED messages (same on Debian Unstable):
type=AVC msg=audit(1501048134.907:8589): apparmor="DENIED" operation="file_mprotect" profile="thunderbird//lsb_release" name="/usr/bin/python2.7" pid=4744 comm="lsb_release" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
type=SYSCALL msg=audit(1501048134.907:8589): arch=c000003e syscall=10 success=no exit=-13 a0=91d000 a1=1000 a2=1 a3=7f01647551b0 items=0 ppid=4713 pid=4744 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=1 comm="lsb_release" exe="/usr/bin/python2.7" key=(null)
type=PROCTITLE msg=audit(1501048134.907:8589): proctitle=2F7573722F62696E2F707974686F6E002D4573002F7573722F62696E2F6C73625F72656C65617365002D69647263
type=AVC msg=audit(1501048002.887:8568): apparmor="DENIED" operation="file_mmap" profile="thunderbird" name="/usr/lib/mozilla/plugins/skypebuttons.so" pid=3596 comm="thunderbird" requested_mask="m" denied_mask="m" fsuid=1000 ouid=0
type=SYSCALL msg=audit(1501048002.887:8568): arch=c000003e syscall=9 success=no exit=-13 a0=0 a1=2126d8 a2=5 a3=802 items=0 ppid=2647 pid=3596 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=1 comm="thunderbird" exe="/usr/lib/thunderbird/thunderbird" key=(null)
type=PROCTITLE msg=audit(1501048002.887:8568): proctitle="/usr/lib/thunderbird/thunderbird"
type=AVC msg=audit(1501048002.867:8567): apparmor="DENIED" operation="file_mmap" profile="thunderbird" name="/usr/lib/jvm/java-7-openjdk-amd64/jre/lib/amd64/IcedTeaPlugin.so" pid=3596 comm="thunderbird" requested_mask="m" denied_mask="m" fsuid=1000 ouid=0
type=SYSCALL msg=audit(1501048002.867:8567): arch=c000003e syscall=9 success=no exit=-13 a0=0 a1=299c38 a2=5 a3=802 items=0 ppid=2647 pid=3596 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=1 comm="thunderbird" exe="/usr/lib/thunderbird/thunderbird" key=(null)
type=PROCTITLE msg=audit(1501048002.867:8567): proctitle="/usr/lib/thunderbird/thunderbird"
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor-profiles/+bug/1706870/+subscriptions
More information about the AppArmor
mailing list