[Bug 1662501] Re: since the apparmor profile is disabled by default, please make the apparmor policy strict with option to make less strict
Vlad K.
1662501 at bugs.launchpad.net
Tue Feb 7 15:34:29 UTC 2017
Jamie,
thanks for the elaborate explanation and directing the issue where it
matters.
I'd just like to comment on switching the issue to "firefox" package and
"the firefox profile can be adjusted to remove the user-files
abstraction ..."
Removal of "user-files" abstraction would weaken the security because
user-files contains explicit DENY rules for ~/.ssh and kde|gnome
wallets, as well as ~/.gpg (!!). While that would, in turn, also imply
removal of "@{HOME}/** r" ruleset, and thus imply no access to files in
user's HOME directory at all, it would compound with default Firefox'
policy of "/**/ r," which would then allow at least listing of all user
files.
The user-files abstraction is important. It protects known sensitive
files, but it should also deny all access to anything but ~/Downloads
and/or ~/Public. With a few comments with which the user can be directed
to easily re-enable full @{HOME} access if she or he so desires.
--
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/1662501
Title:
since the apparmor profile is disabled by default, please make the
apparmor policy strict with option to make less strict
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1662501/+subscriptions
More information about the Ubuntu-mozillateam-bugs
mailing list