[pkg-apparmor] Bug#1128672: /etc/apparmor.d/usr.bin.thunderbird: causes crash when trying to attach a file
Simon McVittie
smcv at debian.org
Sun Feb 22 12:41:26 GMT 2026
Control: retitle -1 /etc/apparmor.d/usr.bin.thunderbird: causes crash when trying to attach a file
Control: affects -1 + src:apparmor
On Sun, 22 Feb 2026 at 13:20:16 +0100, Marc Haber wrote:
>Starting thunderbird gives the following console messsages:
...
>I then open a new message and click on "attach". Thunderbird crashes
>reliably,
>
>WARNING: Glycin running without sandbox.
>WARNING: Glycin running without sandbox.
>**
>Gtk:ERROR:../../../gtk/gtkiconhelper.c:495:ensure_surface_for_gicon: assertion failed (error == NULL): Failed to load /usr/share/icons/breeze-dark/status/16/image-missing.svg: Could not spawn `env -i XDG_RUNTIME_DIR="/run/user/1001" "/usr/libexec/glycin-loaders/2+/glycin-svg" "--dbus-fd" "122"`: Permission denied (os error 13) (gdk-pixbuf-error-quark, 0)
>Bail out! Gtk:ERROR:../../../gtk/gtkiconhelper.c:495:ensure_surface_for_gicon: assertion failed (error == NULL): Failed to load /usr/share/icons/breeze-dark/status/16/image-missing.svg: Could not spawn `env -i XDG_RUNTIME_DIR="/run/user/1001" "/usr/libexec/glycin-loaders/2+/glycin-svg" "--dbus-fd" "122"`: Permission denied (os error 13) (gdk-pixbuf-error-quark, 0)
This is another symptom of the same root cause as
<https://bugs.debian.org/1127710>: thunderbird's AppArmor profile
prevents gdk-pixbuf / glycin / bwrap from working as designed, by
denying permission to do operations that they need. A workaround is to
put thunderbird's AppArmor profile in "complain" (non-enforcing) mode,
making it no longer a security boundary:
aa-complain /etc/apparmor.d/usr.bin.thunderbird
or disable it completely.
Thunderbird's AppArmor profile is already disabled by default (see
https://salsa.debian.org/mozilla-team/thunderbird/-/blob/debian/sid/debian/README.apparmor)
"because it has to break a number of common use cases in order to
provide meaningful application confinement". Now that gdk-pixbuf uses
glycin, that list of common use cases is much longer than it used to be.
Based on discussion in https://bugs.debian.org/1127710 it seems that the
most likely resolution for this issue will be to remove the AppArmor
profile completely.
smcv
More information about the pkg-apparmor-team
mailing list