Control: retitle -1 "WARNING: Glycin running without sandbox" when AppArmor
profile doesn't allow the sandbox to work
Control: affects -1 + libreoffice thunderbird evince papers
On Sun, 22 Feb 2026 at 12:59:41 +0100, Marc Haber wrote:
> On Wed, Feb 11, 2026 at 02:48:06PM +0100, Vincent Lefevre wrote:
> > Each time I run libreoffice, I now get:
> > WARNING: Glycin running without sandbox.
> I see the same warning (over and over, tens of times a second) when I
> start thunderbird 1:140.7.1esr-1+b1.
The common factor is that these apps have an AppArmor profile that
doesn't allow glycin's sandboxed image loaders to operate as designed:
one layer of security hardening is breaking another. There does not seem
to be any easy solution to this.
For thunderbird, this is <https://bugs.debian.org/1127710>. A mitigation
is that thunderbird's AppArmor profile is not (meant to be?) enabled by
default, so only users whose systems have it enabled (for whatever
reason) are affected. It seems that the most likely resolution to that
bug report will be to remove thunderbird's AppArmor profile (which is
probably not an effective security boundary in practice because it
already has to allow so much, in order to not break expected
functionality) which would result in gdk-pixbuf / glycin / bwrap working
as intended.
evince is another affected app (<https://bugs.debian.org/1127935>) and I
sent some prototype AppArmor profile changes to
https://salsa.debian.org/gnome-team/extras/evince/-/merge_requests/10,
but it really needs help from an AppArmor expert (which I am not) to
turn that prototype into something releaseable.
For the other affected apps such as libreoffice and papers, I think the
solution will have to involve either extending their AppArmor profiles
so that the sandboxed image loaders can work (if the AppArmor profile is
providing value), or removing/disabling the AppArmor profile (if it
isn't practically helpful to mitigate/prevent attacks and is only
causing us problems).
smcv
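An added example, not part of this bug report nor code from glycin, AppArmor or any of the packages named above, for the point that only systems with the relevant AppArmor profile actually loaded are affected: a POSIX shell function that reads the kernel's list of loaded profiles (/sys/kernel/security/apparmor/profiles, one `name (mode)` entry per line) and reports whether a given profile is loaded and in which mode. The profile names used in the usage comment are assumptions; the authoritative name is the one on the `profile` line of the file under /etc/apparmor.d/.

```shell
#!/bin/sh
# Added example, not from the bug report: report whether an AppArmor profile is
# loaded and in which mode, by parsing the kernel's list of loaded profiles.
# Each line of /sys/kernel/security/apparmor/profiles has the form
#   <profile name> (<mode>)
# e.g. "/usr/bin/evince (enforce)" or "thunderbird (complain)".

# apparmor_profile_mode NAME [FILE]
#   prints: the mode, e.g. enforce or complain (exit 0),
#           not-loaded (exit 1), or unavailable (exit 2)
#   FILE defaults to the kernel interface; a path can be given for testing.
apparmor_profile_mode() {
    name="$1"
    file="${2:-/sys/kernel/security/apparmor/profiles}"
    if [ ! -r "$file" ]; then
        # AppArmor is not enabled, or securityfs is not mounted/readable.
        echo unavailable
        return 2
    fi
    mode=$(awk -v n="$name" '
        {
            m = $NF                          # "(enforce)"
            gsub(/[()]/, "", m)              # -> "enforce"
            sub(/ \([^)]*\)$/, "")           # strip the mode suffix, leaving the bare name
            if ($0 == n) { print m; exit }   # exact match: hats such as name//helper are separate lines
        }' "$file")
    if [ -n "$mode" ]; then
        echo "$mode"
        return 0
    fi
    echo not-loaded
    return 1
}

# Usage: ./check-profiles.sh thunderbird /usr/bin/evince
# (these profile names are assumptions; take the real name from the "profile"
# line of the file under /etc/apparmor.d/)
for p in "$@"; do
    printf '%s: %s\n' "$p" "$(apparmor_profile_mode "$p")"
done
```

A profile reported as `enforce` is the situation described in this thread (the profile is active and can deny what the sandbox helper needs); `not-loaded` means that profile is not in effect on the system, so the warning has another cause. The same information is available interactively from `aa-status`; the function above is just a scriptable form of that check.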