ship enforcing apparmor profile for evince

Bug #382913 reported by Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
evince (Ubuntu) | Fix Released | Wishlist | Jamie Strandboge |

Bug Description

Binary package hint: evince

evince should be protected with an enforcing apparmor profile.

Changed in evince (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
importance: Undecided → Wishlist
milestone: none → karmic-alpha-6
status: New → Triaged
Sebastien Bacher (seb128) wrote :

Could you describe what is the issue exactly and what you want to change?

Jamie Strandboge (jdstrand) wrote :

Well, this was more of a placeholder bug for me, which is why I assigned it to myself, but the basic idea is that evince uses poppler and various image libraries to process potentially untrusted input. There have been a lot of security vulnerabilities in these libraries (especially poppler), so providing an apparmor profile to confine evince (like we do with CUPS, dhclient3 and others) is highly desirable. This was identified as an important application to confine at UDS Karmic and a profile has been in development for a while (http://bazaar.launchpad.net/~ubuntu-core-dev/apparmor/profiles-devel/annotate/head%3A/usr.bin.evince).

Sebastien: I will of course work with you in terms of deployment and it is possible that the profile will be opt-in only, just as we plan to do with firefox-3.5. I'll be sure to talk to you more when I am ready to start packaging the profile.

Changed in evince (Ubuntu):
status: Triaged → In Progress
Changed in evince (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package evince - 2.27.90-0ubuntu2

---------------
evince (2.27.90-0ubuntu2) karmic; urgency=low

  * add enforcing AppArmor profile (LP: #382913)
    - add debian/evince.dirs: create etc/apparmor.d/abstractions directory
    - add debian/evince.postinst: reload AppArmor profile
    - add debian/evince.postrm: cleanup apparmor force-complain and disable
      directories
    - add debian/apparmor-profile
    - debian/rules: install apparmor-profile and abstraction
    - add debian/README.Debian
    - debian/control: Suggests apparmor

 -- Jamie Strandboge <email address hidden> Wed, 12 Aug 2009 11:44:58 -0500

Changed in evince (Ubuntu):
status: Fix Committed → Fix Released
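
Added example, not part of the bug report or the evince package: a shell function that reports the on-disk state of a profile, using the `force-complain` and `disable` directories the changelog refers to. The `/etc/apparmor.d/usr.bin.evince` install path, the function name `profile_state` and the sample tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the evince package): report the on-disk state
# of an AppArmor profile. Assumes the Ubuntu layout where profiles live in
# <root>/etc/apparmor.d/ and the disable/ and force-complain/ directories
# hold per-profile override entries.

profile_state() {
    # $1 = filesystem root ("" for the live system), $2 = profile file name
    dir="$1/etc/apparmor.d"
    name="$2"

    if [ ! -f "$dir/$name" ]; then
        echo "missing"
    # -L also catches an override symlink whose target no longer exists
    elif [ -e "$dir/disable/$name" ] || [ -L "$dir/disable/$name" ]; then
        echo "disabled"
    elif [ -e "$dir/force-complain/$name" ] || [ -L "$dir/force-complain/$name" ]; then
        echo "complain"
    # complain mode can also be set inside the profile via flags=(complain)
    elif grep -Eq '^[^#]*flags=\([^)]*complain' "$dir/$name"; then
        echo "complain"
    else
        echo "enforce"
    fi
}

# Constructed sample tree, built in a temp dir so nothing on the host is touched.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/etc/apparmor.d/disable" "$demo_root/etc/apparmor.d/force-complain"
printf '/usr/bin/evince {\n}\n' > "$demo_root/etc/apparmor.d/usr.bin.evince"
echo "fresh install:       $(profile_state "$demo_root" usr.bin.evince)"

# A leftover force-complain entry downgrades the enforcing profile.
ln -s ../usr.bin.evince "$demo_root/etc/apparmor.d/force-complain/usr.bin.evince"
echo "with force-complain: $(profile_state "$demo_root" usr.bin.evince)"
rm -rf "$demo_root"
```

This reads only the files; on a live system `aa-status` shows which mode the kernel actually has loaded.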