[pkg-apparmor] Bug#1032020: Bug#1032020: chromium: Missing character after Chromium AppArmor profile update opens up unrestricted system browsing.
intrigeri
intrigeri at debian.org
Wed Mar 1 08:48:07 GMT 2023
Control: tag -1 + unreproducible
Control: severity -1 minor
Hi,
Guillaume B. (2023-02-28):
> Installing fresh sid profiles with both previously stated packages (version
> 3.0.8-3 and 1.35 respectively), I have not seen that specific mistake made.
>
> It may have come from a loose AppArmor profile but, just to be sure, no
> such open "/** r," found in latest sid-provided
> apparmor-profiles/apparmor-profiles-extra Chromium AppArmor profile.
I've looked at the Git history of the relevant apparmor* packages and
found no trace of them having ever distributed a Chromium profile
with a "/** r," rule.
> dpkg-query: no path found matching pattern /etc/apparmor.d/usr.bin.chromium
This shows that no Debian package is currently maintaining that file.
Frankly, I have no idea how this rule landed on your filesystem, but
I really don't see how this problem could have been directly caused by
a Debian package or upgrade.
Cheers,
--
intrigeri
More information about the pkg-apparmor-team
mailing list