[Pkg-privacy-maintainers] Bug#942901: torbrowser-launcher: Tor Browser 9.0 shows only black screens due to no write access to /dev/shm/org.mozilla.ipc..

Wed Oct 23 02:41:51 BST 2019

Package: torbrowser-launcher
Version: 0.3.2-2
Severity: serious

Tor Browser 9.0 shows only black screens because the default apparmor
profile does not allow write access to /dev/shm/org.mozilla.ipc.*.*
like it does for /dev/shm/org.chromium.* and I was able to fix this
issue by adding this workaround:

==> /etc/apparmor.d/local/torbrowser.Browser.firefox <==
owner /{dev,run}/shm/org.mozilla.*.* rw,

Oct 23 09:32:00 kernel: audit: type=1400 audit(1571794320.416:1642): apparmor="DENIED" operation="mknod" profile="torbrowser_firefox" name="/dev/shm/org.mozilla.ipc.1935.0" pid=1935 comm="firefox.real" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Oct 23 09:32:00 kernel: audit: type=1400 audit(1571794320.432:1643): apparmor="DENIED" operation="mknod" profile="torbrowser_firefox" name="/dev/shm/org.mozilla.ipc.1935.1" pid=1935 comm="firefox.real" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Oct 23 09:32:00 kernel: audit: type=1400 audit(1571794320.588:1644): apparmor="DENIED" operation="mknod" profile="torbrowser_firefox" name="/dev/shm/org.mozilla.ipc.1935.2" pid=1935 comm="firefox.real" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Oct 23 09:32:00 kernel: audit: type=1400 audit(1571794320.596:1645): apparmor="DENIED" operation="mknod" profile="torbrowser_firefox" name="/dev/shm/org.mozilla.ipc.1935.3" pid=1935 comm="firefox.real" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Oct 23 09:32:00 kernel: audit: type=1400 audit(1571794320.600:1646): apparmor="DENIED" operation="mknod" profile="torbrowser_firefox" name="/dev/shm/org.mozilla.ipc.1935.4" pid=1935 comm="firefox.real" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Oct 23 09:32:00 kernel: audit: type=1400 audit(1571794320.816:1647): apparmor="DENIED" operation="mknod" profile="torbrowser_firefox" name="/dev/shm/org.mozilla.ipc.1935.5" pid=1935 comm="firefox.real" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Oct 23 09:32:01 kernel: audit: type=1400 audit(1571794321.296:1648): apparmor="DENIED" operation="mknod" profile="torbrowser_firefox" name="/dev/shm/org.mozilla.ipc.1935.6" pid=1935 comm="firefox.real" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000
Oct 23 09:32:01 kernel: audit: type=1400 audit(1571794321.668:1649): apparmor="DENIED" operation="mknod" profile="torbrowser_firefox" name="/dev/shm/org.mozilla.ipc.1935.7" pid=1935 comm="firefox.real" requested_mask="c" denied_mask="c" fsuid=1000 ouid=1000

-- System Information:
Debian Release: bullseye/sid
  APT prefers testing-debug
  APT policy: (900, 'testing-debug'), (900, 'testing'), (800, 'unstable-debug'), (800, 'unstable'), (790, 'buildd-unstable'), (700, 'experimental-debug'), (700, 'experimental'), (690, 'buildd-experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.2.0-3-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.utf8, LC_CTYPE=en_AU.utf8 (charmap=UTF-8), LANGUAGE=en_AU:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages torbrowser-launcher depends on:
ii  ca-certificates   20190110
ii  libdbus-glib-1-2  0.110-4
ii  python3           3.7.5-1
ii  python3-gpg       1.13.1-1
ii  python3-pyqt5     5.12.3+dfsg-2
ii  python3-requests  2.21.0-1
ii  python3-socks     1.6.8+dfsg-1

Versions of packages torbrowser-launcher recommends:
ii  tor  0.4.1.6-1

Versions of packages torbrowser-launcher suggests:
ii  apparmor  2.13.3-5+b1

-- Configuration Files:
/etc/apparmor.d/local/torbrowser.Browser.firefox changed:
owner /{dev,run}/shm/org.mozilla.* rw,

-- no debconf information

-- 
bye,
pabs

https://wiki.debian.org/PaulWise
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://alioth-lists.debian.net/pipermail/pkg-privacy-maintainers/attachments/20191023/74eccd25/attachment.sig>

[Pkg-privacy-maintainers] Bug#942901: torbrowser-launcher: Tor Browser 9.0 shows only black screens due to no write access to /dev/shm/org.mozilla.ipc.*.*

[Pkg-privacy-maintainers] Bug#942901: torbrowser-launcher: Tor Browser 9.0 shows only black screens due to no write access to /dev/shm/org.mozilla.ipc..