add peer=(label=unconfined) to existing dbus rules
Bug #1383824 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor-easyprof-ubuntu (Ubuntu) |
Fix Released
|
Medium
|
Jamie Strandboge |
Bug Description
Adding peer=(label=
Related branches
Changed in apparmor-easyprof-ubuntu (Ubuntu): | |
status: | New → Triaged |
importance: | Undecided → Medium |
description: | updated |
description: | updated |
tags: | added: aplication-confinement |
Changed in apparmor-easyprof-ubuntu (Ubuntu): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
milestone: | none → ubuntu-15.04 |
To post a comment you must log in.
This bug was fixed in the package apparmor- easyprof- ubuntu - 1.3.1
--------------- easyprof- ubuntu (1.3.1) vivid; urgency=medium
apparmor-
* ubuntu/ubuntu-sdk: opensource- src freedesktop. Application" since 1.3/ubuntu- sdk: drop html5-container policy. html5 apps should use container and specify the 'webview' policy group with 1.3 (15.04) ubuntu- scope-network, pending/ ubuntu- scope-local- content: allow unconfined) to prevent {music, pictures, video}_ files*: allow access to global SD card
- explicitly deny reads on ~/.cache/QML/Apps/ to silence noisy denials.
Undo this when LP: 1381620 is fixed in qtdeclarative-
- explicitly deny dbus bind on name="org.
it is noisy. Undo this when LP: 1378823 is fixed in ubuntu-ui-toolkit
* ubuntu/
webapp-
policy (LP: #1392461)
* ubuntu/
scopes to read data from the apps data dir (LP: #1384286)
* adjust all dbus rules to use peer=(label=
coordinated communications between apps over DBus (LP: #1383824)
* ubuntu/
directories (LP: #1391930)
* debian/control: Depends on apparmor >= 2.8.98-0ubuntu2~ for the dbus peer
changes (we need at least apparmor_parser 2.9.beta4 for these)
-- Jamie Strandboge <email address hidden> Mon, 15 Dec 2014 15:53:32 +0000