Hello Seth,
Thank You very much for an answers and explanations. I really appreciate
it; your help and so on :- ) I will try to take your suggestions and to do
something with these entries etc.
However, there is one more DENIED entry - I saw this one today, after first
Firefox start. It looks this way:
May 6 19:15:47 t1 dbus[1546]: apparmor="DENIED"
operation="dbus_method_call" bus="session"
path="/org/gtk/vfs/mounttracker" interface="org.gtk.vfs.MountTracker"
member="ListMountableInfo" mask="send" name=":1.9" pid=5882
label="/usr/lib/firefox/firefox{,*[^s][^h]}" peer_pid=1654
peer_label="unconfined"
As we can see, this DENIED entry appeared once again. You wrote, that; "the
'name' in your proposed policy snippet probably wouldn't work though, it
probably needs to be 'interface' (...)." So, could this rule looks this
way?
dbus (send)
bus=session
interface=org.gtk.vfs.mounttracker
member={ListMountableInfo}
Is it OK or bad rule, to use? Thank You once again.
Best regards.
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
