Public bug reported: Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following: owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>'). Future work may allow for AppArmor IPC to handle this without modifications to the SDK, but this may be 14.04 so we need a solution for 13.10. ** Affects: ubuntu-qtcreator-plugins Importance: Undecided Status: New ** Affects: apparmor-easyprof-ubuntu (Ubuntu) Importance: Undecided Status: New ** Tags: application-confinement ** Description changed: Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following: owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk, But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>'). Future work may allow for AppArmor IPC to handle this without - modifications to the SDK. + modifications to the SDK, but this may be 14.04. ** Description changed: Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following: owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk, But this rule is too lenient because a malicious app could enumerate these files and attack shared memory of other applications. Therefore, these paths need to be made application specific. One suggestion is to use something like shm_open("%s-WK2SharedMemory" % <app id>") instead of shm_open("WK2SharedMemory") where '<app id>' will ultimately be the reverse domain name with Click packages (see bug #1197037 for details on '<app id>'). Future work may allow for AppArmor IPC to handle this without - modifications to the SDK, but this may be 14.04. + modifications to the SDK, but this may be 14.04 so we need a solution + for 13.10. ** Tags added: application-confinement ** Also affects: apparmor-easyprof-ubuntu (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1197060 Title: SDK webview applications should use an app-specific path for shared memory files To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-qtcreator-plugins/+bug/1197060/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs