Public bug reported:
If a confined application has the networking profile it cannot access
the donwload manager eventhough there are rules to allow it. The
following error happens when trying to create a new download:
Apr 21 15:38:43 ubuntu-phablet dbus[2162]: apparmor="DENIED"
operation="dbus_method_call" bus="session" path="/"
interface="com.canonical.applications.DownloadManager"
member="createDownload" mask="send"
name="com.canonical.applications.Downloader" pid=25799
profile="com.mikeasoft.deepvision_deepvision_0.1.1" peer_pid=25857
peer_profile="unconfined"
After some talk in the security channel we were pointed out the following:
17:11 @ tyhicks : jdstrand: in the networking policy group, some of the dbus
rules specify the member by including the full interface
17:11 @ tyhicks : jdstrand: like "...
member=com.canonical.applications.Downloader.createDownload,"
17:11 @ tyhicks : jdstrand: I think that should just be "...
member=createDownload,"
** Affects: apparmor-easyprof-ubuntu (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1311164
Title:
Ubuntu Download Manager cannot be accessed by confined applications
even when they have the networking profile
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor-easyprof-ubuntu/+bug/1311164/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
