Profile is way out of date, will reopen with new profile if I have the
time.
** Changed in: apparmor (Ubuntu)
Status: Triaged => Invalid
--
Add Rhythmbox AppArmor Profile
https://bugs.launchpad.net/bugs/129145
You received this bug notification because you are a member of Ubuntu
Bugs, whi
** Changed in: apparmor (Ubuntu)
Status: Invalid => Triaged
--
Add Rhythmbox AppArmor Profile
https://bugs.launchpad.net/bugs/129145
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@li
[Expired for apparmor (Ubuntu) because there has been no activity for 60
days.]
--
Add Rhythmbox AppArmor Profile
https://bugs.launchpad.net/bugs/129145
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
u
Updated again.
** Attachment added: "usr.bin.rhythmbox"
http://launchpadlibrarian.net/8694312/usr.bin.rhythmbox
--
Add Rhythmbox AppArmor Profile
https://bugs.launchpad.net/bugs/129145
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubu
Updated Again. Couple questions.
Should Rhythmbox be reading the kernel?
Profile: /usr/bin/rhythmbox
Path: /boot/initrd.img-2.6.22-9-generic
Mode: r
Severity: 7
And I now have this line ( /usr/lib/firefox/firefox ixr, )
Is there a better way to do default web browser?
** Attachment a
Hehe, thanks. All of the above, really. :) Generally, the idea is
that if the app processes untrusted data, it should be wrapped in a
profile to limit the scope of the damage that can be done if the app
contains an unknown exploitable vulnerability.
We've mostly targetted network services and c
Updated. "Thanks for working on the profile. :)" Thanks for making it
easy to do so :).
I think I might try my hand at BOINC next. Is there demand to have more
profiles for desktop apps or is this more for servers? Or all apps that
load untrusted data?
** Attachment added: "usr.bin.rhythmbox
That's for sysv shared memory segments. You should be able to create a
rule using only "/SYSV* rw,".
We're planning on mediating IPC better in the future, but that's not
done yet.
Thanks for working on the profile. :)
--
Add Rhythmbox AppArmor Profile
https://bugs.launchpad.net/bugs/129145
Yo
Very good points...
It keeps creating files like this in the root of the drive though... Not
exactly sure what to do about it.
/SYSV
I've got it down do "/* rw, "
I've also seen it scan (and crash) on seemingly random files in my home
folder..
** Attachment added: "usr.bin.rhythmbox"
Thanks for the profile! I think it is probably not ready for public
use. The "/** rw," line, for example, doesn't really offer much
protection for the system, since this allows all files on the system to
be written. :) I would suggest using the "common" library directory as
writable by rhythmbo
Important test cases that I can't do.
MTP Plug-in
Ipod Plug-in
Last.fm
Buying music off of magnatune
Downloading music from magnatune
Downloading music from Jamendo
** Attachment added: "usr.bin.rhythmbox"
http://launchpadlibrarian.net/8599290/usr.bin.rhythmbox
--
Add Rhythmbox AppArmor Prof
11 matches
Mail list logo
