On 2019-01-04 14:05, Yangfl wrote:
I'd love to see any improvement in program quality. As you're willing
to create the AppArmor profile, I'd like to suggest you to directly
submit your changes to upstream; just open a pr in their github repo
https://github.com/qTox/qTox .
I have mixed feelings about upstream qTox repo. AppArmor community would be more capable of
providing security-oriented reviews. Again, Thunderbird, Totem, Pidgin etc, profiles are already
maintained on apparmor-profiles repository, and I would suggest to do the same with with qTox one.
Especially as qTox team feels understaffed.
I would like to ask our AppArmor maintainer (CC'd):
intrigeri what's your take on this? Where should new profiles be "placed"? P.S. I know you don't
want new profiles for Buster, and I am not really targeting Buster (especially due to
GUI-application-confining issues), let's see this as (yet another) long-term personal project :) .