[pkg-apparmor] Bug#858174: Please provide an AppArmor profile for Firefox
Ulrike Uhlig
ulrike at debian.org
Mon Mar 20 07:49:00 UTC 2017
Hi Mike,
Mike Hommey:
> control: reassign -1 apparmor-profiles
>> Package: firefox
>> Severity: normal
>> as you might know, AppArmor confines programs according to a set of
>> rules that specify what files a given program can access. This approach
>> helps protect the system against both known and unknown vulnerabilities.
>> In several distributions such as Ubuntu or Tails, AppArmor is enabled by
>> default.
>
> AppArmor profiles ought to be in the apparmor-profiles package. In fact,
> there is one for Firefox there according to
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805594#24
@intrigeri: I was not aware that this profile is considered incomplete.
Ubuntu ships it in Firefox as it seems. Or did I misunderstand that?
> If it needs update, this should happen there.
The ultimate aim for AppArmor in Debian is to have each package install
their own profile an make the apparmor-profiles and
apparmor-profiles-extra package disappear on the long term.
Cheers!
u.
More information about the pkg-apparmor-team
mailing list