Vincas Dargis: > Now that "/sys/devices/system/memory/block_size_bytes r," needs simple > backport, as > is is already available in more recent AppArmor [0].
Unless this denial triggers important user-visible issues, I say let's ignore it for Stretch and for testing/sid it'll be fixed soon anyway. > Let's talk about these "rwm" then. This is a kinda known issue. > NVIDIA drivers tries to mmap() for execution some sort of optimization-related > generated files from these paths OP mentioned [1]. […] In the Thunderbird case, I don't think we need to make things complicated to maintain/update/etc. and I suggest we merely silence these with "deny" rules. Cheers, -- intrigeri
