Apparmor profile needs to be "unconfined"

Bug #1558738 reported by Christopher Townsend
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Libertine Scope
Status tracked in Trunk
Release
Medium
Christopher Townsend
Trunk
Medium
Christopher Townsend
libertine-scope (Ubuntu)
Medium
Christopher Townsend

Bug Description

For the scope to access user data, the apparmor profile template needs to be "unconfined". When using the ""ubuntu-scope-network" template, apparmor denies access. This is also documented on https://developer.ubuntu.com/api/scopes/cpp/sdk-15.04.1/index/ under the "Apparmor manifest" section:

Scopes that are packaged using click are inherently untrusted and must be confined. At present, there is only a single type of scope that can be defined:
   * Network scope - can access the network / internet, but is not allowed to use APIs that provide access to the user's data.

So the only way around this is to set it unconfined. I confirmed this by building a test click with unconfined set and it works.

Changed in libertine-scope (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
Changed in libertine-scope (Ubuntu):
status: Triaged → In Progress
assignee: nobody → Christopher Townsend (townsend)
Revision history for this message
Stephen M. Webb (bregma) wrote :

Released in version 1.1+16.04.20160506-0ubuntu1.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package libertine-scope - 1.1+16.04.20160506-0ubuntu1

---------------
libertine-scope (1.1+16.04.20160506-0ubuntu1) xenial; urgency=medium

  [ Chris Townsend ]
  * Use the "unconfined" apparmor template to allow the scope to access user
    data (lp: #1558738).

  [ Larry Price ]
  * Redesigned preview pane with reasonably-sized image, title, and description.
  * Filtered app launchers based on a user-input regular expression.
  * Added a setting for listing app launcher names which should be excluded
    from the scope view.

  [ Stephen M. Webb ]
  * Added internationalization support.

  [ CI Train Bot ]
  * No-change rebuild.

 -- <email address hidden> (Stephen M. Webb) Fri, 06 May 2016 16:16:35 +0000

Changed in libertine-scope (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers