[pkg-apparmor] Bug#882070: apparmor: AppArmor should allow to read /etc/pulse subdirectories
intrigeri
intrigeri at debian.org
Thu Nov 23 17:31:43 UTC 2017
Hi!
Vincas Dargis:
> I have discovered this DENIED message on Debian Sid with Thundebird:
> type=AVC msg=audit(1511012066.035:570): apparmor="DENIED" operation="open"
> profile="thunderbird" name="/etc/pulse/client.conf.d/00-disable-autospawn.conf"
> pid=4507 comm="thunderbird" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
> type=SYSCALL msg=audit(1511012066.035:570): arch=c000003e syscall=2 success=no
> exit=-13 a0=7f0fd625c780 a1=80000 a2=1b6 a3=80000 items=0 ppid=1538 pid=4507
> auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000
> fsgid=1000 tty=(none) ses=3 comm="thunderbird" exe="/usr/lib/thunderbird/thunderbird"
> key=(null)
> type=PROCTITLE msg=audit(1511012066.035:570): proctitle="/usr/lib/thunderbird/thunderbird"
> Can be reproduced by misconfiguring SMTP account in order to get alert message while sending email.
> I am working on patch upstream (see forward).
I see this was merged upstream already. Thanks!
What are the practical consequences of this bug?
Do you think we should cherry-pick the fix into the Debian packaging?
More information about the pkg-apparmor-team
mailing list