Unfortunately, evince needs access to the X server. Since apparmor doesn't yet support XACE or equivalent this means that evince can still launch keylogging and keyspoofing attacks. I think our first priority should be stopping evince from sending keypresses to a terminal in the background (which is on the roadmap for apparmor I understand). Once we do that we can think about fixing this bug right, e.g. using the LD_PRELOAD trick Plash uses to replace the GTK file/open save dialog box with one that passes the rights to the file the user selects (and only the file the user selects).
--
https://bugs.launchpad.net/bugs/900324
Title: apparmor profile provides too much access