** Description changed: Binary package hint: gnome-control-center Nautilus normally uses gnome-thumbnail-font, to provide font previews. Eg: $ gconftool-2 -g /desktop/gnome/thumbnailers/application@x-font-ttf/enable true $ gconftool-2 -g /desktop/gnome/thumbnailers/application@x-font-ttf/command gnome-thumbnail-font %u %o If a flaw is discovered in a font library or Gnome and a user navigates - to a directory that has a malicious font file, gnome-tumbnail-font could - be used to execute arbitrary code, write out to files or leak + to a directory that has a malicious font file, gnome-thumbnail-font + could be used to execute arbitrary code, write out to files or leak information. Providing an apparmor profile for gnome-thumbnail-font would be a good step towards proactively protecting the user from this sort of attack. - nautilus also use totem-video-thumbnail and evince-thumbnailer. evince- - thumbnailer has an apparmor profile already. For images, nautilus uses - gdk-pixbuf routines via gnome-desktop, but these can be altered to use - evince-thumbnailer by installing schema files for these images. + The same can be said for other thumbnailers. Nautilus also uses totem- + video-thumbnail and evince-thumbnailer (evince-thumbnailer has an + apparmor profile already). For images, nautilus uses gdk-pixbuf routines + via gnome-desktop, but these can be altered to use evince-thumbnailer by + installing schema files for the various image mime-types and updating + gnome-desktop to not fallback to gdk-pixbuf on thumbnail script error.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/715874 Title: gnome thumbnailers should have an apparmor profile -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
