On 2017.11.18 23:24, Ben Caradoc-Davies wrote:>> Anyway, I believe change to allow Thunderbird to read arbitrary
dot-files or directories will not gonna happen,
But surely a rule for ~/.signature* is an exception? The use of ~/.signature is an ancient convention, the default for
many email clients, and thus required for interoperability. Expanding this to ~/.signature* seems straightforward and
should not introduce any security concerns.
Hm, this means that `deny @{HOME}/.* r,` has to go. It will bring back the
noisy denies, but I see no other solution.
Let's wait for Thunderbird and AppArmor maintainers comments.
