There's not explicit mention of ".xsession-errors" in firefox's source code, so those must be coming from one of its dependencies. Those should be harmless though.
> There is also no obvious way to access the apparmor configuration > file of the snapped firefox. The profile is at /var/lib/snapd/apparmor/profiles/snap.firefox.firefox. Note that it is automatically generated by snapd, and will be overwritten the next time the firefox snap is updated. However the generated profile includes <abstractions/X>, which in turn includes <abstractions/X.d>, so you might be able silence the accesses to .xsession-errors there. > There are also other reports on the internet that the apparmor > configuration in this version of firefox fails to provide the > targeted security. This is a pretty vague statement. Can you elaborate? Do you have pointers to these reports? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to firefox in Ubuntu. https://bugs.launchpad.net/bugs/1982001 Title: Snap-based Firefox spams apparmor messages in journal Status in firefox package in Ubuntu: Incomplete Bug description: The current awfully-slow firefox package which is provided via snap has an excessive log spamming bug: On various system interactions (not only in the browser but for example by using the media-next button) a lot of apparmor notifications are triggered: Jul 18 16:32:05 UML033 kernel: audit: type=1400 audit(1658154725.146:718): apparmor="DENIED" operation="open" profile="snap.firefox.firefox" name="/home/[private]/.xsession-errors" pid=3300 comm="pool-firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 [REPEATS] Jul 18 16:32:06 UML033 audit[3300]: AVC apparmor="DENIED" operation="open" profile="snap.firefox.firefox" name="/home/[private]/.xsession-errors" pid=3300 comm="pool-firefox" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 [REPEATS] This is particular annoying for all users who are actively using apparmor in combination with aa-notify: It floods the whole desktop. There is also no obvious way to access the apparmor configuration file of the snapped firefox. There are also other reports on the internet that the apparmor configuration in this version of firefox fails to provide the targeted security. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1982001/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
