Package: msmtp
Version: 1.8.16
Severity: normal
Tags: apparmor
Owner: [email protected]
X-Debbugs-CC: [email protected]
Dear Emmanuel Bouthenot, as the maintainer of Debian's msmtp package,
The helpers profile in /etc/apparmor.d/usr.bin.msmtp

    # secret helpers
    /{,usr/}bin/bash Cx -> helpers,
    /{,usr/}bin/dash Cx -> helpers,
    profile helpers {
      #include <abstractions/base>
      /{,usr/}bin/bash mr,
      /{,usr/}bin/dash mr,
      /tmp/ rw,
      owner /tmp/* rw,
      /usr/bin/secret-tool PUx,
      /usr/bin/gpg{,2} PUx,
      /usr/bin/pass PUx,
      /usr/bin/head PUx,
      /usr/bin/keyring PUx,
      /{,usr/}bin/cat PUx,
    }
already lists the common helpers, but since my corporate email account requires

    auth xoauth2
    passwordeval "oauth2ms"

with a Python script `oauth2ms`, one might first wonder whether msmtp can be
configured to execute a helper directly, without a shell, so that no /bin/sh is
spawned and the helpers subprofile is never entered.
However, msmtp's passwordeval most likely runs the command through /bin/sh -c
(the common behavior), so this does not seem feasible.
Rules within the helpers subprofile can only be added inside that subprofile’s
braces.
Since the (Debian) packaged profile already defines "profile helpers { … }", a
second "profile helpers { … }" in a later include produces "Multiple
definitions for hat helpers …".
Without modifying the packaged file, currently the only safe way to place rules
inside helpers is to ship a replacement profile file that contains a
helpers-local include.
Therefore, could one instead add "#include <local/usr.bin.msmtp.helpers>"
inside the helpers subprofile of the packaged file, so that site-local
extensions are possible without replacing the whole profile?
Thank you for your kind consideration, and best wishes
Enno Nagel