Control: retitle -1 /etc/apparmor.d/usr.bin.thunderbird: causes crash when 
trying to attach a file
Control: affects -1 + src:apparmor

On Sun, 22 Feb 2026 at 13:20:16 +0100, Marc Haber wrote:
Starting thunderbird gives the following console messages:
...
I then open a new message and click on "attach". Thunderbird crashes
reliably,

WARNING: Glycin running without sandbox.
WARNING: Glycin running without sandbox.
**
Gtk:ERROR:../../../gtk/gtkiconhelper.c:495:ensure_surface_for_gicon: assertion failed (error == NULL): Failed to load 
/usr/share/icons/breeze-dark/status/16/image-missing.svg: Could not spawn `env -i 
XDG_RUNTIME_DIR="/run/user/1001" "/usr/libexec/glycin-loaders/2+/glycin-svg" "--dbus-fd" 
"122"`: Permission denied (os error 13) (gdk-pixbuf-error-quark, 0)
Bail out! Gtk:ERROR:../../../gtk/gtkiconhelper.c:495:ensure_surface_for_gicon: assertion failed (error == NULL): Failed 
to load /usr/share/icons/breeze-dark/status/16/image-missing.svg: Could not spawn `env -i 
XDG_RUNTIME_DIR="/run/user/1001" "/usr/libexec/glycin-loaders/2+/glycin-svg" "--dbus-fd" 
"122"`: Permission denied (os error 13) (gdk-pixbuf-error-quark, 0)

This is another symptom of the same root cause as <https://bugs.debian.org/1127710>: thunderbird's AppArmor profile prevents gdk-pixbuf / glycin / bwrap from working as designed, by denying permission to do operations that they need. A workaround is to put thunderbird's AppArmor profile in "complain" (non-enforcing) mode, making it no longer a security boundary:

    aa-complain /etc/apparmor.d/usr.bin.thunderbird

or disable it completely.

Thunderbird's AppArmor profile is already disabled by default (see https://salsa.debian.org/mozilla-team/thunderbird/-/blob/debian/sid/debian/README.apparmor) "because it has to break a number of common use cases in order to provide meaningful application confinement". Now that gdk-pixbuf uses glycin, that list of common use cases is much longer than it used to be.

Based on discussion in https://bugs.debian.org/1127710 it seems that the most likely resolution for this issue will be to remove the AppArmor profile completely.

    smcv
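
Added example, not part of the original message or of any Debian package: a small Python parser that checks kernel audit records to confirm that a `Permission denied` like the one quoted above comes from an AppArmor profile, and shows that the same event is logged as `ALLOWED` once the profile is in complain mode. The log lines are constructed, and the profile name `thunderbird`, the second profile, pids and timestamps are assumptions.

```python
import re
from collections import Counter

# Constructed sample kernel log (not from the bug report). The profile name
# "thunderbird", the profile "other-app", pids and timestamps are assumptions.
SAMPLE_LOG = """\
audit: type=1400 audit(1700000000.101:210): apparmor="DENIED" operation="exec" class="file" profile="thunderbird" name="/usr/libexec/glycin-loaders/2+/glycin-svg" pid=4242 comm="thunderbird" requested_mask="x" denied_mask="x" fsuid=1001 ouid=0
audit: type=1400 audit(1700000003.552:214): apparmor="DENIED" operation="exec" class="file" profile="thunderbird" name="/usr/libexec/glycin-loaders/2+/glycin-svg" pid=4250 comm="thunderbird" requested_mask="x" denied_mask="x" fsuid=1001 ouid=0
audit: type=1400 audit(1700000090.010:230): apparmor="ALLOWED" operation="exec" class="file" profile="thunderbird" name="/usr/libexec/glycin-loaders/2+/glycin-svg" pid=4311 comm="thunderbird" requested_mask="x" denied_mask="x" fsuid=1001 ouid=0
audit: type=1400 audit(1700000091.000:231): apparmor="DENIED" operation="open" class="file" profile="other-app" name="/etc/shadow" pid=5000 comm="other-app" requested_mask="r" denied_mask="r" fsuid=1001 ouid=0
usb 1-2: new high-speed USB device number 5 using xhci_hcd
"""

# key="quoted value" or key=bare_value pairs as used in audit records
KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_record(line):
    """Return the fields of one AppArmor audit line as a dict, else None."""
    if 'apparmor="' not in line:
        return None
    return {key: quoted or bare for key, quoted, bare in KV.findall(line)}


def summarize(log_text, profile):
    """Count (verdict, operation, name, denied_mask) events for one profile.

    DENIED is logged in enforce mode; ALLOWED is what complain mode logs for
    an access the profile would otherwise have refused.
    """
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_record(line)
        if not rec or rec.get("profile") != profile:
            continue
        if rec["apparmor"] in ("DENIED", "ALLOWED"):
            counts[(rec["apparmor"], rec.get("operation"),
                    rec.get("name"), rec.get("denied_mask"))] += 1
    return counts


def blocking_denials(log_text, profile):
    """Paths the profile actually blocked (enforce-mode denials only)."""
    return sorted({name for (verdict, _op, name, _mask)
                   in summarize(log_text, profile) if verdict == "DENIED"})


if __name__ == "__main__":
    for event, n in summarize(SAMPLE_LOG, "thunderbird").items():
        print(n, *event)
```

On a real system the input would be the kernel log (for example from `journalctl -k`) rather than `SAMPLE_LOG`.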
