Jamie,
thanks for the elaborate explanation and directing the issue where it
matters.
I'd just like to comment on switching the issue to "firefox" package and
"the firefox profile can be adjusted to remove the user-files
abstraction ..."
Removal of "user-files" abstraction would weaken the security because
user-files contains explicit DENY rules for ~/.ssh and kde|gnome
wallets, as well as ~/.gpg (!!). While that would, in turn, also imply
removal of "@{HOME}/** r" ruleset, and thus imply no access to files in
user's HOME directory at all, it would compound with default Firefox'
policy of "/**/ r," which would then allow at least listing of all user
files.
The user-files abstraction is important. It protects known sensitive
files, but it should also deny all access to anything but ~/Downloads
and/or ~/Public. With a few comments with which the user can be directed
to easily re-enable full @{HOME} access if she or he so desires.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1662501
Title:
since the apparmor profile is disabled by default, please make the
apparmor policy strict with option to make less strict
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1662501/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
