[Libreoffice-commits] core.git: sysui/desktop

Mon, 27 Aug 2018 07:30:57 -0700 

 sysui/desktop/apparmor/program.soffice.bin |    4 ++++
 1 file changed, 4 insertions(+)

New commits:
commit 136077b40cdabab83aec6833bf3895d4305d30a3
Author:     Vincas Dargis <vin...@gmail.com>
AuthorDate: Tue Aug 14 21:34:59 2018 +0300
Commit:     Rene Engelhard <r...@debian.org>
CommitDate: Mon Aug 27 16:30:26 2018 +0200

    apparmor: fix printing to file
    
    AppArmor denies writing to .ps files and dealing with temporaries needed
    for "Print to file" functionality. Add .ps to the allowed extensions
    list, also giving access to rm executable together with writing
    printing-related temporary file.
    
    Change-Id: I415e1401878bff6459f42162d4e8b517261b9cec
    Reviewed-on: https://gerrit.libreoffice.org/59114
    Tested-by: Jenkins
    Reviewed-by: Rene Engelhard <r...@debian.org>

diff --git a/sysui/desktop/apparmor/program.soffice.bin 
b/sysui/desktop/apparmor/program.soffice.bin
index 45252291938e..90d663a9d54a 100644
--- a/sysui/desktop/apparmor/program.soffice.bin
+++ b/sysui/desktop/apparmor/program.soffice.bin
@@ -37,6 +37,8 @@
 @{libreoffice_ext} += {,x,X}[hH][tT][mM]{,l,L}
 #.epub
 @{libreoffice_ext} += [eE][pP][uU][bB]
+#.ps (printing to file)
+@{libreoffice_ext} += [pP][sS]
 
 #Images
 @{libreoffice_ext} += [jJ][pP][gG]
@@ -117,6 +119,7 @@ profile libreoffice-soffice INSTDIR-program/soffice.bin {
   owner @{HOME}/.cache/fontconfig/**    rw,
   owner @{HOME}/.config/gtk-???/bookmarks r,  #Make bookmarks work
   owner @{HOME}/.recently-used          rwk,
+  owner /tmp/psp[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]* rw, 
#/tmp/psp1534203998 (printing to file)
 
   owner /{,var/}run/user/*/dconf/user   rw,
   owner @{HOME}/.config/dconf/user      r,
@@ -131,6 +134,7 @@ profile libreoffice-soffice INSTDIR-program/soffice.bin {
   /{usr/,}bin/sh                        rmix,
   /{usr/,}bin/bash                      rmix,
   /{usr/,}bin/dash                      rmix,
+  /{usr/,}bin/rm                        rmix, #deleting /tmp/psp1534203998 
(printing to file)
   /usr/bin/bluetooth-sendto             rmPUx,
   /usr/bin/lpr                          rmPUx,
   /usr/bin/paperconf                    rmix,
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to