[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
This bug was fixed in the package apparmor-easyprof-ubuntu - 16.10.3

---
apparmor-easyprof-ubuntu (16.10.3) yakkety; urgency=medium

  [ Michi Henning ]
  * add ClientConfig to list of allowed methods for applications using the
    thumbnailer (LP: #1528058)

 -- Jamie Strandboge  Fri, 26 Aug 2016 10:01:48 -0500

** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
       Status: Confirmed => Fix Released

--
You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor-easyprof-ubuntu in Ubuntu.
https://bugs.launchpad.net/bugs/1260103

Title:
  oxide should use an app-specific path for shared memory files

Status in Canonical System Image:
  Fix Released
Status in Oxide:
  Fix Released
Status in Oxide 1.17 series:
  Fix Released
Status in webapps-sprint:
  Fix Committed
Status in apparmor-easyprof-ubuntu package in Ubuntu:
  Fix Released

Bug description:
  Oxide creates shared memory files as /run/shm/.org.chromium.Chromium.*.
  This results in an AppArmor rule like the following:

    owner /run/shm/.org.chromium.Chromium.* rwk,

  But this rule is too lenient because a malicious app could enumerate
  these files and attack shared memory of other applications. Therefore,
  these paths need to be made application specific.

To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-devices-system-image/+bug/1260103/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to     : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: canonical-devices-system-image
       Status: Fix Committed => Fix Released
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Branch linked: lp:~oxide-developers/oxide/packaging.xenial

** Branch linked: lp:~oxide-developers/oxide/packaging.trusty
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Branch linked: lp:~oxide-developers/oxide/packaging.vivid.overlay
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Branch linked: lp:~oxide-developers/oxide/packaging.xenial.overlay
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Branch linked: lp:~oxide-developers/oxide/packaging.yakkety
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: oxide/1.17
       Status: Fix Committed => Fix Released
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: canonical-devices-system-image
       Status: In Progress => Fix Committed
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: oxide/1.17
       Status: In Progress => Fix Committed
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: oxide
       Status: In Progress => Fix Released

** Changed in: oxide/1.17
       Status: Confirmed => In Progress
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: oxide/1.17
    Milestone: 1.17.4 => 1.17.5
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
Proposed fix for oxide:
https://code.launchpad.net/~osomon/oxide/+git/oxide/+merge/303821.

** Also affects: oxide/1.17
   Importance: Undecided
       Status: New

** Changed in: oxide/1.17
     Assignee: (unassigned) => Olivier Tilloy (osomon)

** Changed in: oxide/1.17
   Importance: Undecided => Medium

** Changed in: oxide/1.17
       Status: New => Confirmed

** Changed in: oxide/1.17
    Milestone: None => 1.17.4
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: oxide
    Milestone: branch-1.17 => branch-1.18
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: oxide
       Status: Confirmed => In Progress
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
Re-opening for oxide as it turns out APP_PKGNAME is not an environment variable that is being set anywhere for click apps. According to https://developer.ubuntu.com/en/phone/platform/guides/app-confinement/, its value can be inferred like this:

    APP_PKGNAME = APP_ID.split('_')[0]

** Changed in: oxide
       Status: Fix Released => Confirmed
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Branch linked: lp:~tyhicks/apparmor-easyprof-ubuntu/lp1260103
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: webapps-sprint
       Status: Triaged => In Progress

** Changed in: webapps-sprint
       Status: In Progress => Fix Committed
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Also affects: webapps-sprint
   Importance: Undecided
       Status: New

** Changed in: webapps-sprint
     Assignee: (unassigned) => David Barth (dbarth)

** Changed in: webapps-sprint
    Milestone: None => sprint-25

** Changed in: webapps-sprint
   Importance: Undecided => Medium

** Changed in: webapps-sprint
       Status: New => Triaged

** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
     Assignee: (unassigned) => Jamie Strandboge (jdstrand)
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Also affects: canonical-devices-system-image
   Importance: Undecided
       Status: New

** Changed in: canonical-devices-system-image
   Importance: Undecided => Medium

** Changed in: canonical-devices-system-image
       Status: New => In Progress

** Changed in: canonical-devices-system-image
    Milestone: None => 13

** Changed in: canonical-devices-system-image
     Assignee: (unassigned) => David Barth (dbarth)
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
This is now fixed in oxide, the apparmor-easyprof-ubuntu counterpart needs to be implemented.

** Changed in: oxide
       Status: In Progress => Fix Released
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
Against oxide master:
https://code.launchpad.net/~osomon/oxide/+git/oxide/+merge/300869
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
Oxide merge request:
https://code.launchpad.net/~osomon/oxide/+git/oxide/+merge/300863
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
This is what the code that overrides the path for shared memory in oxide would look like. How does that look?

    base::FilePath GetSharedMemoryPath() {
      // snap packages
      const char* tmp = getenv("SNAP_NAME");
      if (tmp) {
        return base::FilePath(std::string("/dev/shm/snap.") + tmp + ".oxide");
      }
      // click packages
      tmp = getenv("APP_PKGNAME");
      if (tmp) {
        return base::FilePath(std::string("/dev/shm/") + tmp + ".oxide");
      }
      // default
      return base::FilePath("/dev/shm");
    }
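Added example, not part of the original thread and not oxide's actual code: the path selection proposed above, combined with the APP_ID fallback described in the re-opening comment elsewhere in this thread (APP_PKGNAME = APP_ID.split('_')[0]). The names SharedMemoryPath, IsSafeName, MapEnv and EnvLookup, the rule that a name must be a single path component, and the sample values in main() are assumptions made for this illustration.

```cpp
// Added illustration; not oxide's code. All names here are hypothetical.
#include <cctype>
#include <cstdlib>
#include <functional>
#include <iostream>
#include <map>
#include <string>

// Environment lookup abstraction so the selection logic can be exercised
// without touching the real process environment.
using EnvLookup = std::function<const char*(const char*)>;

// Assumption: a snap or click package name must be a single path component
// made of letters, digits, '.', '-' and '+'. Anything else (notably '/')
// is refused so the value cannot steer the path outside its own directory.
bool IsSafeName(const std::string& name) {
  if (name.empty()) return false;
  for (unsigned char c : name) {
    if (!(std::isalnum(c) || c == '.' || c == '-' || c == '+')) return false;
  }
  return true;
}

// Same order as the proposal in the thread (snap, then click, then default),
// plus the APP_ID fallback for click apps where APP_PKGNAME is not set.
std::string SharedMemoryPath(const EnvLookup& env) {
  const std::string base = "/dev/shm";
  std::string prefix;
  std::string name;
  if (const char* snap = env("SNAP_NAME")) {
    prefix = "snap.";
    name = snap;
  } else if (const char* pkg = env("APP_PKGNAME")) {
    name = pkg;
  } else if (const char* app_id = env("APP_ID")) {
    // Equivalent of APP_ID.split('_')[0]: everything before the first '_',
    // or the whole string when there is no '_'.
    const std::string id(app_id);
    name = id.substr(0, id.find('_'));
  } else {
    return base;
  }
  // Do not build a path from a value that fails validation.
  if (!IsSafeName(name)) return base;
  return base + "/" + prefix + name + ".oxide";
}

// Lookup backed by the real process environment.
std::string SharedMemoryPathFromEnvironment() {
  return SharedMemoryPath(
      [](const char* key) -> const char* { return std::getenv(key); });
}

// Lookup backed by a fixed map, for demonstration and testing.
EnvLookup MapEnv(std::map<std::string, std::string> vars) {
  return [vars](const char* key) -> const char* {
    auto it = vars.find(key);
    return it == vars.end() ? nullptr : it->second.c_str();
  };
}

int main() {
  // Constructed sample values, not taken from a real device.
  std::cout << SharedMemoryPath(MapEnv({{"SNAP_NAME", "webbrowser-app"}}))
            << "\n";
  std::cout << SharedMemoryPath(
                   MapEnv({{"APP_ID", "com.example.app_app_1.0"}}))
            << "\n";
  std::cout << SharedMemoryPath(MapEnv({{"APP_PKGNAME", "../other"}}))
            << "\n";
  std::cout << SharedMemoryPath(MapEnv({})) << "\n";
  return 0;
}
```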
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
Thanks Tyler, that sounds good. I’ll start the work on oxide and we can synchronize next week to adjust the paths.
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
Regarding the apparmor-easyprof-ubuntu changes and landing, it'll likely be Jamie next week or either of us the week after.
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
Yes, that’s fine by me. I just wanted to have some sort of agreement before writing any code. Who can/will do the change to apparmor-easyprof-ubuntu?
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
I think using APP_PKGNAME on the phone makes sense. However, I think we'd want the APP_PKGNAME to be the leading string in the filename so that we can use "/{dev,run}/shm/${APP_PKGNAME}*" instead of "/{dev,run}/shm/*${APP_PKGNAME}*".
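Added example, not part of the original thread or of Oxide or apparmor-easyprof-ubuntu: what the message above gains by putting the package name first, checked with fnmatch(3) and FNM_PATHNAME as a stand-in for AppArmor's `*` (an assumption). The package and file names are constructed, and the third glob goes one step beyond the message by also anchoring the delimiter after the name.

```cpp
// Added illustration; RuleMatches, the package names and the file names
// below are constructed for this example, not taken from Oxide or AppArmor.
#include <fnmatch.h>

#include <initializer_list>
#include <iostream>
#include <string>

// True if `path` matches "/{dev,run}/shm/<name_glob>". fnmatch() has no
// {a,b} alternation, so the two directories are expanded by hand.
// FNM_PATHNAME keeps '*' from matching '/', as AppArmor's '*' does.
bool RuleMatches(const std::string& name_glob, const std::string& path) {
  for (const char* dir : {"/dev/shm/", "/run/shm/"}) {
    const std::string pattern = std::string(dir) + name_glob;
    if (fnmatch(pattern.c_str(), path.c_str(), FNM_PATHNAME) == 0)
      return true;
  }
  return false;
}

// Constructed sample: the app the rule is written for ...
const std::string kPkg = "com.ubuntu.foo";
const std::string kOwnFile = "/dev/shm/com.ubuntu.foo.oxide.aB3dE9";
// ... a package whose name merely contains kPkg ...
const std::string kContainsFile =
    "/dev/shm/org.example.com.ubuntu.foo.oxide.Zk81Qp";
// ... and a package whose name merely starts with kPkg.
const std::string kSharesPrefixFile =
    "/run/shm/com.ubuntu.foobar.oxide.Lm02Xy";

// The two globs from the thread, plus one that also pins the delimiter.
std::string InfixGlob() { return "*" + kPkg + "*"; }
std::string PrefixGlob() { return kPkg + "*"; }
std::string DelimitedGlob() { return kPkg + ".oxide*"; }

int main() {
  for (const std::string& glob :
       {InfixGlob(), PrefixGlob(), DelimitedGlob()}) {
    std::cout << glob << "\n";
    for (const std::string& f :
         {kOwnFile, kContainsFile, kSharesPrefixFile}) {
      std::cout << "  " << (RuleMatches(glob, f) ? "allow " : "deny  ")
                << f << "\n";
    }
  }
  return 0;
}
```

The leading-name glob stops matching the package that only contains the name, but still matches the one that shares it as a prefix until the delimiter is part of the pattern.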
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
For current (click) apps on the phone, the APP_PKGNAME variable is used to parametrize apparmor policies. According to https://wiki.ubuntu.com/AppStore/Interfaces/ApplicationId, this is the name of the click package (e.g. "com.ubuntu.foo"). However there are currently no existing rules to allow /{dev,run}/shm/*${APP_PKGNAME}*, so apparmor-easyprof-ubuntu would need to be updated to add such a rule.

I’m fine with using PathService, but that will result in a slightly more intrusive patch to chromium. I think I’d rather rely entirely on an environment variable, rather than adding a command-line option.
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
That won't work for child processes, where the environment variable won't exist. Also, we should have something that works for current apps on the phone (I assume there's a different environment variable for that). If you're not using PathService, there would at least need to be a command line option to make this work.
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
And here is what such a patch would look like: diff --git a/base/files/file_util_posix.cc b/base/files/file_util_posix.cc index 42de931..f9dec07 100644 --- a/base/files/file_util_posix.cc +++ b/base/files/file_util_posix.cc @@ -139,6 +139,10 @@ std::string TempFileName() { #if defined(GOOGLE_CHROME_BUILD) return std::string(".com.google.Chrome.XX"); #else + const char* tmp = getenv("SNAP_NAME"); + if (tmp) { +return std::string("snap.").append(tmp).append(".XX"); + } return std::string(".org.chromium.Chromium.XX"); #endif } ** Changed in: oxide Milestone: None => branch-1.17 ** Changed in: oxide Status: Triaged => In Progress
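Review bot: the added getenv("SNAP_NAME") branch in TempFileName() uses the value unchecked, so an empty SNAP_NAME produces "snap..XX" and a value containing '/' puts a path separator into what is meant to be a file name. Treat an empty or '/'-containing value as unset, for example `if (tmp && *tmp && !strchr(tmp, '/'))`, and add a comment saying which confinement rule the "snap." prefix is meant to line up with. Any process whose environment lacks SNAP_NAME silently falls through to ".org.chromium.Chromium.XX", so both naming schemes can be in use for the same application; decide whether that fallback is acceptable or should be made explicit. The added `return` line has also lost its indentation.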
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
> I would modify base::GetShmemTempDir() to look up a path via
> base::PathService and then have Oxide override this.

GetShmemTempDir() tries to create a temp file under /dev/shm/, so the problem is not the path itself, it’s the name of the temp file under that path. IIUC what needs to be modified is the TempFileName() function, to return something like "snap.${SNAP_NAME}.XX", if SNAP_NAME is defined, and fall back to the default value, ".org.chromium.Chromium.XX".
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
For applications packaged as snaps, snappy-debug suggests writing to "/dev/shm/snap.$SNAP_NAME.*".
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
I would modify base::GetShmemTempDir() to look up a path via base::PathService and then have Oxide override this. You'll need to add a new key in base/base_paths_posix.h as well.
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: oxide Assignee: (unassigned) => Olivier Tilloy (osomon) ** Changed in: oxide Status: New => Triaged
[Touch-packages] [Bug 1260103] Re: oxide should use an app-specific path for shared memory files
** Changed in: apparmor-easyprof-ubuntu (Ubuntu) Status: New => Confirmed