[pkg-apparmor] Bug#1098869: apparmor: triggers a security warning in Firefox with firejail
Vincent Lefevre
vincent at vinc17.net
Tue Feb 25 15:39:07 GMT 2025
Control: affects -1 firejail
... in case something needs to be done on the firejail side.
On 2025-02-25 13:59:04 +0100, Vincent Lefevre wrote:
> On 2025-02-25 12:18:53 +0100, Vincent Lefevre wrote:
> > After the apparmor upgrade to 4.1.0~beta5-2, Firefox
> > (Debian's package firefox 135.0.1-1) now displays the
> > following warning message:
> >
> > Some of Firefox's security features may offer less protection
> > on your current operating system.
>
> This actually occurs only with firejail (I actually use a wrapper
> doing that), e.g.
>
> firejail /usr/bin/firefox
>
> According to "ps -efZ", it is the firejail-default AppArmor profile
> that is used.
I suspect that this is because the firejail-default AppArmor profile
does not use "userns" (contrary to the firefox AppArmor profile,
which completely changed).
--
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / Pascaline project (LIP, ENS-Lyon)
More information about the pkg-apparmor-team
mailing list