[Bug 2102694] Re: dangerous "sanitized_helper" contains /** rwkl,

2025-03-15 Thread John Johansen
The sanitized_helper is an escape hatch, and is only slightly better than using ux directly within the profile. It exists because Ubuntu doesn't carry a complete policy yet (a lot of the system is unconfined), and because environment variable sanitization either breaks the child application being p

[Bug 2102694] Re: dangerous "sanitized_helper" contains /** rwkl,

2025-03-15 Thread Maxime Bélair
The sanitized_helper profile is designed to be as generic as possible to make it work with most binaries when a more restrictive profile is unavailable. As you pointed out, this approach raises several concerns: - The security level of this profile is only slightly above unconfined, which can u