Thanks for updating the apparmor profiles. These are really coming along nicely. I took another look at these two today:
https://github.com/lenovo/lenovo-wwan-unlock/blob/ubuntu- oem/debian/opt.fcc_lenovo.DPR_Fcc_unlock_service I'm surprised by this line: include <abstractions/dbus> Does this tool actually use dbus for something? https://github.com/lenovo/lenovo-wwan-unlock/blob/ubuntu-oem/debian/opt.fcc_lenovo.configservice_lenovo This line seems out of place: include <abstractions/openssl> What resources were used that caused this? It feels likely to be a mistake. This line seems too broad: owner /run/* rw, What resources were used that caused this? If the application really uses completely unpredictable pathnames in this directory, that feels like an opportunity for improvement on their part. I also took a look at the systemd service file https://github.com/lenovo/lenovo-wwan-unlock/blob/ubuntu- oem/debian/lenovo-fccunlock.service but there's no systemcall filtering here. Is it on another branch? Or still to come? Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058192 Title: [MIR] lenovo-wwan-unlock To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/2058192/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
