[Bug 1381620] [NEW] apparmor read denial on ~/.cache/QML/Apps/

Wed, 15 Oct 2014 09:31:21 -0700 

Public bug reported:

I observed the following denials:
apparmor="DENIED" operation="open" 
profile="com.ubuntu.developer.webapps.googleplus_googleplus_0.3" 
name="/home/phablet/.cache/QML/Apps/" pid=NNN comm="webapp-containe" 
requested_mask="r" denied_mask="r" fsuid=32011 ouid=32011
apparmor="DENIED" operation="open" 
profile="com.ubuntu.developer.webapps.webapp-facebook_webapp-facebook_1.0.26" 
name="/home/phablet/.cache/QML/Apps/" pid=NNN comm="webapp-containe" 
requested_mask="r" denied_mask="r" fsuid=32011 ouid=32011

Apps should not have read access to the .cache/QML/Apps/ because that
would be a privacy leak. After talking to ricmm on IRC, this is a noisy
denial (ie, the app otherwise functions fine and the cache is used), but
it is something that should be fixed in qtdeclarative-opensource-src to
not confuse users.

** Affects: qtdeclarative-opensource-src (Ubuntu)
     Importance: Critical
     Assignee: Ricardo Mendoza (ricmm)
         Status: Triaged


** Tags: application-confinement

** Description changed:

  I observed the following denials:
  apparmor="DENIED" operation="open" 
profile="com.ubuntu.developer.webapps.googleplus_googleplus_0.3" 
name="/home/phablet/.cache/QML/Apps/" pid=NNN comm="webapp-containe" 
requested_mask="r" denied_mask="r" fsuid=32011 ouid=32011
  apparmor="DENIED" operation="open" 
profile="com.ubuntu.developer.webapps.webapp-facebook_webapp-facebook_1.0.26" 
name="/home/phablet/.cache/QML/Apps/" pid=NNN comm="webapp-containe" 
requested_mask="r" denied_mask="r" fsuid=32011 ouid=32011
  
  Apps should not have read access to the .cache/QML/Apps/ because that
  would be a privacy leak. After talking to ricmm on IRC, this is a noisy
  denial (ie, the app otherwise functions fine and the cache is used), but
- it is something that should be fixed to not confuse users.
+ it is something that should be fixed in qtdeclarative-opensource-src to
+ not confuse users.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381620

Title:
  apparmor read denial on ~/.cache/QML/Apps/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qtdeclarative-opensource-src/+bug/1381620/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to