** Description changed:

  Karmic will be shipping an apparmor profile for firefox (bug #382917). This 
is a spec for the security team. Due to packaging constraints and maintenance, 
it must use matching for the profile name. Eg, with a profile name specified 
like this:
  /usr/lib/firefox-3.5.*/firefox {
  ...
  
  /usr/lib/firefox-3.5.2/firefox attaches and works (good).
  
  However, this causes problems:
- a) it improperly matches the *files* /usr/lib/firefox-3.5.foo, 
/usr/lib/firefox-3.5.bar
- b) '/usr/lib/** ux' is too greedy-- ie will match /usr/l if nothing else is 
available
- c) '/usr/bin/** px' won't attach if the profiled is confined
+ a) profile is attached from unconfined, but not from confined processes. This 
reduces the security of the already shipping AppArmor profile for evince, which 
allows transitions to firefox
+ b) it improperly matches the *files* /usr/lib/firefox-3.5.foo, 
/usr/lib/firefox-3.5.bar
+ c) '/usr/lib/** ux' is too greedy-- ie will match /usr/l if nothing else is 
available
+ d) '/usr/bin/** px' won't attach if the profiled is confined
  
  These issues are a surprising side-effect of using matching in the
  profile name, and will cause bugs and problems when people modify the
  firefox profile or develop their own profiles using profile name
  matching.
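Review bot: the new item a) and the renumbered item d) appear to overlap, and neither can be reproduced from the text as written. Item a) says the profile is attached "from unconfined, but not from confined processes", while d) says "'/usr/bin/** px' won't attach if the profiled is confined", which is also missing a noun after "profiled". Suggest either merging the two or stating how d) differs from a), and quoting the rule in the evince profile that performs the transition to firefox so the reduced confinement described in a) can be checked against the shipped profile.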

-- 
profile name matching behaves unexpectedly
https://bugs.launchpad.net/bugs/419308