Public bug reported: Nibaldo González has reported that the LibreOffice AppArmor profile has mistakes in it:
https://lists.ubuntu.com/archives/apparmor/2018-January/011418.html > In this case, AppArmor grants write and read permissions to files with > extension: '.#.txt', '.#All', '.the', '.format', '.#.xml', '.and', > etc. Clearly, the profile must be fixed. I've confirmed this via apparmor_parser -Qd output on a slightly modified version of the source file: $ apparmor_parser -Qd < foo | grep '#' Warning from stdin (line 1): apparmor_parser: cannot use or update cache, disable, or force-complain via stdin Mode: rwak: Name: ({/home//*,/root,/mnt,/media}/**.{[tT][xX][tT],#.txt,{,f,F}[oO][dDtT][tTsSpPbBgGfF],#All,the,open,document,format,[xX][mMsS][lL],#.xml,and,xsl,[pP][dD][fF],#.pdf,[uU][oO][fFtTsSpP],#Unified,office,format,{,x,X}[hH][tT][mM]{,l,L},#(x)htm(l),[jJ][pP][gG],[jJ][pP][eE][gG],[pP][nN][gG],[sS][vV][gG],[sS][vV][gG][zZ]99251,[tT][iI][fF],[tT][iI][fF][fF],[dD][oO][cCtT]{,x,X},[rR][tT][fF],[xX][lL][sSwWtT]{,x,X},[dD][iIbB][fF],#.dif,dbf,[cCtT][sS][vV],#.tsv,.csv,[sS][lL][kK],[pP][pP][tTsS]{,x,X},[pP][oO][tT]{,m,M},[sS][wW][fF],#Flash,[pP][sS][dD],#Photoshop,[mM][mM][lL]}) The comments on the variable assignment lines are carried through to the policy. Thanks ** Affects: libreoffice (Ubuntu) Importance: Undecided Status: New ** Affects: libreoffice-l10n (Ubuntu) Importance: Undecided Status: New ** Also affects: libreoffice-l10n (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libreoffice in Ubuntu. https://bugs.launchpad.net/bugs/1741581 Title: buggy apparmor profile Status in libreoffice package in Ubuntu: New Status in libreoffice-l10n package in Ubuntu: New Bug description: Nibaldo González has reported that the LibreOffice AppArmor profile has mistakes in it: https://lists.ubuntu.com/archives/apparmor/2018-January/011418.html > In this case, AppArmor grants write and read permissions to files with > extension: '.#.txt', '.#All', '.the', '.format', '.#.xml', '.and', > etc. Clearly, the profile must be fixed. I've confirmed this via apparmor_parser -Qd output on a slightly modified version of the source file: $ apparmor_parser -Qd < foo | grep '#' Warning from stdin (line 1): apparmor_parser: cannot use or update cache, disable, or force-complain via stdin Mode: rwak: Name: ({/home//*,/root,/mnt,/media}/**.{[tT][xX][tT],#.txt,{,f,F}[oO][dDtT][tTsSpPbBgGfF],#All,the,open,document,format,[xX][mMsS][lL],#.xml,and,xsl,[pP][dD][fF],#.pdf,[uU][oO][fFtTsSpP],#Unified,office,format,{,x,X}[hH][tT][mM]{,l,L},#(x)htm(l),[jJ][pP][gG],[jJ][pP][eE][gG],[pP][nN][gG],[sS][vV][gG],[sS][vV][gG][zZ]99251,[tT][iI][fF],[tT][iI][fF][fF],[dD][oO][cCtT]{,x,X},[rR][tT][fF],[xX][lL][sSwWtT]{,x,X},[dD][iIbB][fF],#.dif,dbf,[cCtT][sS][vV],#.tsv,.csv,[sS][lL][kK],[pP][pP][tTsS]{,x,X},[pP][oO][tT]{,m,M},[sS][wW][fF],#Flash,[pP][sS][dD],#Photoshop,[mM][mM][lL]}) The comments on the variable assignment lines are carried through to the policy. Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libreoffice/+bug/1741581/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp