Hi,
I'm a bit confused by this bug report, as chromium doesn't include any
apparmor profiles.
Please run the following commands to hopefully figure out what package
is actually providing the profile:
find /etc/apparmor* -name "*hromium*" | xargs dpkg -S
Thanks,
Andres
On Sun, Feb 26 2023 at 05:48:38 PM +0100, Will B. <ksu...@gmail.com>
wrote:
Package: chromium
Version: 110.0.5481.177-1
Severity: important
Tags: upstream
X-Debbugs-Cc: ksu...@gmail.com
Dear Maintainer,
Before I begin, the Chromium AppArmor profile in Sid was updated
after apt-get
update && apt-get upgrade.
Please redirect to relevant authority if Chromium reportbug is not
the right
source.
///
* What led up to the situation? -> Chromium AppArmor profile update
after apt-
get update && apt-get upgrade.
* What exactly did you do (or not do) that was effective (or
ineffective)? ->
fixed the issue by adding a missing "/" to the profile.
* What was the outcome of this action? -> The Chromium AppArmor
profile
restricted access as it should have done.
* What outcome did you expect instead? -> None, fix fixed it.
///
Hi,
After a Chromium Sid update in which the AppArmor profile was updated
(last
date -> 02/07/2023),
a missing "/" opened up browsing to the whole system i.e. -> "/** r,"
instead
of "/**/ r,".
Switching to the "enclosed" stars symbol fixes the issue.
Regards
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (990, 'testing'), (50, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.1.0-3-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages chromium depends on:
ii chromium-common
110.0.5481.177-1
ii libasound2 1.2.8-1+b1
ii libatk-bridge2.0-0 2.46.0-5
ii libatk1.0-0 2.46.0-5
ii libatomic1 12.2.0-14
ii libatspi2.0-0 2.46.0-5
ii libbrotli1 1.0.9-2+b6
ii libc6 2.36-8
ii libcairo2 1.16.0-7
ii libcups2 2.4.2-1+b2
ii libdbus-1-3 1.14.6-1
ii libdouble-conversion3 3.2.1-1
ii libdrm2 2.4.114-1
ii libevent-2.1-7
2.1.12-stable-5+b1
ii libexpat1 2.5.0-1
ii libflac12 1.4.2+ds-2
ii libfontconfig1 2.14.1-4
ii libfreetype6 2.12.1+dfsg-4
ii libgbm1 22.3.3-1
ii libgcc-s1 12.2.0-14
ii libglib2.0-0 2.74.5-1
ii libgtk-3-0 3.24.36-4
ii libjpeg62-turbo 1:2.1.5-2
ii libjsoncpp25 1.9.5-4
ii liblcms2-2 2.14-1+b1
ii libminizip1 1.1-8+b1
ii libnspr4 2:4.35-1
ii libnss3 2:3.87.1-1
ii libopenjp2-7 2.5.0-1+b1
ii libopus0 1.3.1-3
ii libpango-1.0-0 1.50.12+ds-1
ii libpng16-16 1.6.39-2
ii libpulse0
16.1+dfsg1-2+b1
ii libre2-9
20220601+dfsg-1+b1
ii libsnappy1v5 1.1.9-2
ii libstdc++6 12.2.0-14
ii libwebp7 1.2.4-0.1
ii libwebpdemux2 1.2.4-0.1
ii libwebpmux3 1.2.4-0.1
ii libwoff1 1.0.2-2
ii libx11-6 2:1.8.3-3
ii libxcb1 1.15-1
ii libxcomposite1 1:0.4.5-1
ii libxdamage1 1:1.1.6-1
ii libxext6 2:1.3.4-1+b1
ii libxfixes3 1:6.0.0-2
ii libxkbcommon0 1.5.0-1
ii libxml2
2.9.14+dfsg-1.1+b3
ii libxnvctrl0 525.85.05-1
ii libxrandr2 2:1.5.2-2+b1
ii libxslt1.1 1.1.35-1
ii xdg-desktop-portal-gtk [xdg-desktop-portal-backend] 1.14.1-1
ii zlib1g
1:1.2.13.dfsg-1
Versions of packages chromium recommends:
ii chromium-sandbox 110.0.5481.177-1
Versions of packages chromium suggests:
pn chromium-driver <none>
pn chromium-l10n <none>
pn chromium-shell <none>
Versions of packages chromium-common depends on:
ii libc6 2.36-8
ii libdouble-conversion3 3.2.1-1
ii libjsoncpp25 1.9.5-4
ii libstdc++6 12.2.0-14
ii libx11-6 2:1.8.3-3
ii libxnvctrl0 525.85.05-1
ii x11-utils 7.7+5
ii xdg-utils 1.1.3-4.1
ii zlib1g 1:1.2.13.dfsg-1
Versions of packages chromium-common recommends:
ii chromium-sandbox 110.0.5481.177-1
pn fonts-liberation <none>
ii libgl1-mesa-dri 22.3.3-1
pn libu2f-udev <none>
ii system-config-printer 1.5.18-1
ii upower 0.99.20-2
ii xfce4-notifyd [notification-daemon] 0.7.3-1
Versions of packages chromium-sandbox depends on:
ii libc6 2.36-8
-- Configuration Files:
/etc/chromium.d/default-flags changed [not included]
-- no debconf information
