In email correspondence, David said that we should disable access to the
cli and dbus-sockets and only allow access to native. This has been
added to policy. With a pending kernel patch, those avenues will be
fixed. David also said that with the native socket apps can load pulse
system modules. That is sufficient for 13.10, but will likely want to
add security hooks to pulse going forward. I'll mark the saucy task as
"Won't Fix" for now. We can define work items for mediating module load
down the line.
** Also affects: apparmor-easyprof-ubuntu (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1211380
Title:
pulseaudio socket needs confined app restrictions
To manage notifications about this bug go to:
https://bugs.launchpad.net/pulseaudio/+bug/1211380/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
