[Bug 1202634] Re: evince crashed with SIGABRT in raise()

Thu, 18 Jul 2013 16:16:16 -0700 

>From the kernel logs,

Jul 18 11:09:06 utah-105-saucy-amd64 kernel: [  228.691785] type=1400 
audit(1374145746.563:61): apparmor="DENIED" operation="capable" parent=5108 
profile="/usr/bin/evince" pid=5124 comm="evince" pid=5124 comm="evince" 
capability=1  capname="dac_override"
Jul 18 11:09:06 utah-105-saucy-amd64 kernel: [  228.691795] type=1400 
audit(1374145746.563:62): apparmor="DENIED" operation="capable" parent=5108 
profile="/usr/bin/evince" pid=5124 comm="evince" pid=5124 comm="evince" 
capability=2  capname="dac_read_search"
Jul 18 11:09:06 utah-105-saucy-amd64 kernel: [  228.691785] type=1400 
audit(1374145746.563:61): apparmor="DENIED" operation="capable" parent=5108 
profile="/usr/bin/evince" pid=5124 comm="evince" pid=5124 comm="evince" 
capability=1  capname="dac_override"
Jul 18 11:09:06 utah-105-saucy-amd64 kernel: [  228.691795] type=1400 
audit(1374145746.563:62): apparmor="DENIED" operation="capable" parent=5108 
profile="/usr/bin/evince" pid=5124 comm="evince" pid=5124 comm="evince" 
capability=2  capname="dac_read_search"


It looks like evince is being run as root to try to read a file it does not 
actually have permission to read without using root privileges.

I do not believe we will ever want to support running evince with
elevated capabilities for the purposes of allowing root to bypass access
controls -- a legitimate root user can simply copy the desired data via
an unconfined mechanism.

Probably the evince tests need to be modified to not run evince as root,
or change the file or directory permissions to allow root to access the
files without using root privileges.

Thanks

** Changed in: evince (Ubuntu)
       Status: New => Confirmed

** Changed in: evince (Ubuntu)
       Status: Confirmed => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to evince in Ubuntu.
https://bugs.launchpad.net/bugs/1202634

Title:
  evince crashed with SIGABRT in raise()

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/evince/+bug/1202634/+subscriptions

-- 
desktop-bugs mailing list
desktop-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/desktop-bugs

Reply via email to