Why such a sensitive software like Libreoffice, particularly exposed (because it's used to open externally provided document) would, by default, grant access to private keys (which are usually on of the most sensitive part of the system).
It's the exact opposite of apparmor's purpose: a complex/exposed software having access to a sensitive, well-identified, private file. The convenience-security trade-off (and the use-cases/typical user modelling seem slightly off) IMHO ~/.gnupg shouldn't be readable by default but the Apparmor profile made in such a way that it can be easily enabled for users actually signing their documents with GnuPG -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1886092 Title: libreoffice doesn't list gpg private key for a digital signature due to apparmor To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1886092/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
