oxide's chrome-sandbox needs access to @{PROC}/[0-9]*/oom_* which may conflict with application lifecycle
Bug #1260115 reported by
Jamie Strandboge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Oxide |
Won't Fix
|
Medium
|
Unassigned | ||
apparmor-easyprof-ubuntu (Ubuntu) |
Fix Released
|
Critical
|
Jamie Strandboge |
Bug Description
The following accesses are required by chrome-sandbox:
owner @{PROC}
owner @{PROC}
It needs to be confirmed that chrome-sandbox's adjustments will not interfere with application lifecycle.
Related branches
Changed in apparmor-easyprof-ubuntu (Ubuntu): | |
importance: | Undecided → Medium |
tags: | added: application-confinement |
To post a comment you must log in.
This access was confirmed to interfere with application lifecycle and provides an easy way for apps to adjust their own OOM scores. apparmor- easyprof- ubuntu needs to remove the policy allowing writes to these proc entries.