[Touch-packages] [Bug 1260115] Re: oxide's chrome-sandbox needs access to @{PROC}/[0-9]*/oom_* which may conflict with application lifecycle

2014-09-29 Thread Jamie Strandboge
This access was confirmed to interfere with application lifecycle and provides an easy way for apps to adjust their own OOM scores. apparmor- easyprof-ubuntu needs to remove the policy allowing writes to these proc entries. ** Changed in: apparmor-easyprof-ubuntu (Ubuntu) Importance: Medium =

[Touch-packages] [Bug 1260115] Re: oxide's chrome-sandbox needs access to @{PROC}/[0-9]*/oom_* which may conflict with application lifecycle

2014-09-29 Thread Jamie Strandboge
Oxide was checked to handled the failure to write to the oom files gracefully. We will not be adjusting it for this bug but instead just silently deny the accesses. ** Changed in: oxide Status: New = Won't Fix ** Tags removed: touch-2014-09-29 ** Tags added: touch-2014-10-09 ** Changed

[Touch-packages] [Bug 1260115] Re: oxide's chrome-sandbox needs access to @{PROC}/[0-9]*/oom_* which may conflict with application lifecycle

2014-09-29 Thread Launchpad Bug Tracker
This bug was fixed in the package apparmor-easyprof-ubuntu - 1.2.29 --- apparmor-easyprof-ubuntu (1.2.29) utopic; urgency=medium * ubuntu/webview: explicitly deny write access to @{PROC}/[0-9]*/oom_adj and @{PROC}/[0-9]*/oom_score_adj. This is confirmed as a way to escape