Closing trusty task
** Changed in: pulseaudio (Ubuntu Trusty)
Status: Confirmed = Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1211380
Title:
pulseaudio socket needs confined app
** Changed in: apparmor (Ubuntu T-series)
Status: Confirmed = Fix Released
** Changed in: apparmor-easyprof-ubuntu (Ubuntu T-series)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
** Description changed:
- Confined applications need access to the pulseaudio socket.
+ Confined applications need access to the pulseaudio socket. Currently
+ several sockets are available to apps, and some allow performing
+ dangerous operations, such as loading a module from an arbitrary path.
** Branch linked: lp:ubuntu/saucy-proposed/apparmor
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1211380
Title:
pulseaudio socket needs confined app restrictions
To manage notifications about
This bug was fixed in the package apparmor - 2.8.0-0ubuntu30
---
apparmor (2.8.0-0ubuntu30) saucy; urgency=low
[ Tyler Hicks ]
* debian/patches/0059-dbus-rules-for-dbus-abstractions.patch: Add an
abstraction for the accessibility bus. It is currently very permissive,
like
** Branch linked: lp:ubuntu/apparmor
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1211380
Title:
pulseaudio socket needs confined app restrictions
To manage notifications about this bug go to:
Adding a task for AppArmor, as the generic audio abstraction grants
access to the cli socket and should be locked down to only grant access
to the pid and native files.
** Also affects: apparmor (Ubuntu)
Importance: Undecided
Status: New
** Changed in: apparmor (Ubuntu Saucy)
** Also affects: pulseaudio (Ubuntu T-series)
Importance: Undecided
Status: New
** Also affects: apparmor-easyprof-ubuntu (Ubuntu T-series)
Importance: Undecided
Status: New
** Changed in: pulseaudio (Ubuntu Saucy)
Importance: Critical = Undecided
** Changed in:
In email correspondence, David said that we should disable access to the
cli and dbus-sockets and only allow access to native. This has been
added to policy. With a pending kernel patch, those avenues will be
fixed. David also said that with the native socket apps can load pulse
system modules.
apparmor-easyprof-ubuntu has the correct pulse socket accesses in
1.0.32.
** Changed in: apparmor-easyprof-ubuntu (Ubuntu Saucy)
Importance: Undecided = Critical
** Changed in: apparmor-easyprof-ubuntu (Ubuntu Saucy)
Status: New = Fix Released
** Changed in: apparmor-easyprof-ubuntu
** Branch linked: lp:ubuntu/saucy-proposed/apparmor-easyprof-ubuntu
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1211380
Title:
pulseaudio socket needs confined app restrictions
To manage
I just noticed your question. David, there is both a libapparmor API and
a DBus API. See man aa_getcon for details.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1211380
Title:
pulseaudio socket
** Also affects: pulseaudio
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1211380
Title:
pulseaudio socket needs confined app restrictions
To manage
** Also affects: pulseaudio (Ubuntu Saucy)
Importance: Undecided
Status: New
** Changed in: pulseaudio (Ubuntu Saucy)
Importance: Undecided = Critical
** Changed in: pulseaudio (Ubuntu Saucy)
Status: New = Confirmed
** Changed in: pulseaudio (Ubuntu Saucy)
Milestone:
Okay, how does PulseAudio determine if a client is confined or not?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1211380
Title:
pulseaudio socket needs confined app restrictions
To manage
15 matches
Mail list logo