Hi there,
I am also affected by this issue. I am a Debian testing (currently
bookworm) user and am using snaps for front end apps so as to have updates
for them immediately available, and was under the impression the
confinement was working until I noticed a problem. For example using
firefox-esr
Hi,
can can verify on bullseye that this particular test case is not present
anymore:
---8<--8<--8<--8<--8<--8<--8<--8<---
$ snap run hello-world.evil
Hello Evil World!
This example demonstrates the app confinement
You should see a permission denied error next
Control: severity -1 important
Hi,
On Tue, Dec 24, 2019 at 06:33:58PM +0100, Mattia Monga wrote:
> Package: snapd
> Version: 2.42.1-1
> Severity: grave
> Tags: security
> Justification: user security hole
You didn't really explain how this is a security hole. You just asked for the
default
Package: snapd
Version: 2.42.1-1
Severity: grave
Tags: security
Justification: user security hole
If one installs the example snap hello-world and launches hello-world.evil in
apparmored system the application is NOT strictly confined by default.
~$ snap run hello-world.evil
Hello Evil World!
4 matches
Mail list logo