On Tue, Nov 08, 2016 at 11:46:50AM +0100, daniel curtis wrote: > Okay, thanks for an informations. Should I add some rule to the Firefox > profile? I mean: "/proc/*/net/arp" or leave it as is? Honestly, Firefox > works normally and I saw this "DENIED" message for the first time.
I guess it depends upon your goals. If you want Firefox to work as designed but limit the scope of damage if it's attacked, then you should allow the arp lookups. If you want to prevent Firefox from knowing more details about your local network, then you should deny the accesses, and be aware that this might prevent Firefox from working correctly in the future. Thanks
signature.asc
Description: PGP signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
