[Bug 2046844] Re: AppArmor user namespace creation restrictions cause many applications to crash with SIGTRAP
Aaron Rainbolt
2046844 at bugs.launchpad.net
Wed Apr 3 21:51:41 UTC 2024
I believe bwrap was ignored intentionally, as the point of the apparmor
change was to prevent arbitrary apps from making unprivileged user
namespaces with capabilities. Allowing Bubblewrap to do so would provide
a loophole. Same reason `unshare` isn't allowed to make unprivileged
namespaces with capabilities.
Perhaps something about libgnome-desktop is incorrectly assuming it
needs capabilities that it doesn't actually need? Or is the ability to
make unprivileged user namespaces with no capabilities failing somehow?
--
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to firefox in Ubuntu.
https://bugs.launchpad.net/bugs/2046844
Title:
AppArmor user namespace creation restrictions cause many applications
to crash with SIGTRAP
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/2046844/+subscriptions
More information about the Ubuntu-mozillateam-bugs
mailing list