"Is it OK to drop the leaf-net and unconfined components from the path?
Currently, a confined scope relies on being able to create the final
path component *itself* by calling mkdir(). So, assuming that
~/.local/share/unity-scopes/leaf-net exists, the scope will try to
create ~/.local/share/unity-scopes/leaf-net/@{APP_PKG_NAME}."
No. This is important for isolation between scopes if we ever decide to
support other scope templates to protect against certain types of
attacks via differently versioned apps.
** Also affects: click-reviewers-tools (Ubuntu)
Importance: Undecided
Status: New
** Changed in: click-reviewers-tools (Ubuntu)
Status: New => In Progress
** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
Status: Triaged => In Progress
** Changed in: click-reviewers-tools (Ubuntu)
Importance: Undecided => High
** Changed in: click-reviewers-tools (Ubuntu)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor-easyprof-ubuntu
in Ubuntu.
https://bugs.launchpad.net/bugs/1384286
Title:
add directory allowing scopes and apps to share data
Status in “apparmor-easyprof-ubuntu” package in Ubuntu:
In Progress
Status in “click-reviewers-tools” package in Ubuntu:
In Progress
Bug description:
Summary says it all, just need to decide on the directory. I propose using
this rule:
# Allow scopes to share data with the app shipped in the same click
owner @{HOME}/.local/share/@{APP_PKGNAME}/ rw,
owner @{HOME}/.local/share/@{APP_PKGNAME}/** mrwkl,
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor-easyprof-ubuntu/+bug/1384286/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
