Thinking over this has made me rethink how guest sessions are implemented in LightDM. The AppArmor code has always been an awkward fit in the daemon (which can't possibly know what resources a session will require). I propose for LightDM 1.6 that the guest sessions are externally defined with their own AppArmor profiles like the proposal for remote sessions is done (bug 1050739).
The downside of all this is each session requires its own AppArmor profile which will probably all be quite similar. I don't know if AppArmour has any support for simplifying this. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1049849 Title: "Remote Login" account not confined by guest AppArmor profile To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1049849/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
