Thanks for the detailed review! I'm going to adapt the suggested changes and then return (after another round of testing).
Kind regards, Bryan On Thu, Feb 26, 2015 at 11:45 AM, Christian Boltz <appar...@cboltz.de> wrote: > Hello, > > Am Donnerstag, 5. Februar 2015 schrieb Bryan Quigley: >> I've taken a few stabs (and followed a few others) at creating a >> useful LibreOffice profile (attached, previous iterations[1]). >> >> This profile should not be turned on by default because: > > That means it should probably live in the extra profiles directory, with > the disadvantage that not too many people look into it or use it. > >> Will not open a file without an known extension >> Will not open rw a file if it's not under /media or /home. > > That doesn't match your soffice.bin profile, see below for a possible > solution. > >> The permissions are quite lenient (due to file selector) but I believe >> it still provides advantages. > > Indeed, the soffice.bin comes with an impressive collection of > abstractions and other permissions. (I hope you have good reasons for > each of them ;-) > > Maybe you should add a comment explaining exactly that: > "What this profile will / will not do" > >> [1] https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1284507 > > To answer your follow-up first - it seems most people are currently too > busy to review patches. I'm suffering from that myself - as you probably > noticed, I have some patches pending without feedback... > > Anyway, I just looked at your profiles. > > The xpdfimport looks good. > > Just to be sure - does it really only need write access to temp files? > > Nitpicking: > - if the tempfiles use a defined name scheme (for example > /tmp/xpdfimport.*), you should use that (with "owner" keyword) instead > of abstractions/user-tmp > - OTOH, instead of all the /lib* and /usr/lib* permissions, you could > use the slightly more permissive abstractions/base to simplify > the profile > > > The soffice.bin profile is a bit more interesting ;-) > > /**.[hH][tT][mM]? rwk, # html, htm, etc > /**.[xX][hH][tT][mM]? rwk, # x^ > > This doesn't match the comment - the rules will match *.html and *.xhtml > (and also *.htma, which you probably don't want), but not *.htm and > *.xhtm. > > You can merge both lines into > /**.{,x,X}[hH][tT][mM]{,l,L} rwk, # htm, html, xhtm, xhtml > or add separate lines to have it more readable) > > /**.[pP][nN][gG]? rw, > /**.[sS][vV][gG]? rw, > > Those mean .svgX and pngX, where X is any char. I'd guess you should > delete the ? ;-) > > /**.[dD][oO]* rwk, > /**.[xX][lL]* rwk, > /**.[pP][pP]* rwk, > /**.[pP][oO][tT]* rwk, > > might be a bit broad - if possible, replace * with a set of letters. > > > Another option might be to define a variable with all those extensions, > for example > > @{libreoffice_ext} = [oO][dD]? [oO][tT]? # .od*, .ot* > @{libreoffice_ext} += [fF][oO][dD]? # .fod* > @{libreoffice_ext} += [xX][mM][lL] # .xml > > By using +=, you can keep the definition readable. > > The advantage of using a variable is that it makes the profile a bit > more readable and even allows to restrict in which directories you allow > write access. You could do something like > > /**.@{libreoffice_ext} r, # read from everywhere and everybody > owner @{HOME}/**.@{libreoffice_ext} rw, # write own files in $HOME > owner /tmp/**.@{libreoffice_ext} rw, # ... and own files in /tmp > > > That all said - I didn't find anything that looks wrong in your > profiles, so I'm willing to commit them to the extra-profiles directory > with the above answered and (optionally) some of my proposed changes > included. > > > Regards, > > Christian Boltz > -- >> Alle Distributionen saugen - die Schmerzen sind nur *anders* > Für die einen ist es Linux, für die anderen der flexibelste > Schmerzbaukasten der Welt. [> G. Doering + Oli Schad] > > > -- > AppArmor mailing list > AppArmor@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/apparmor -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
