Ubuntu
apparmor package

AppArmor support for the XDG Base Directory spec is incomplete

Bug #1423890 reported by Sergio Gelato on 2015-02-20

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	apparmor (Ubuntu)	New	Wishlist	Unassigned

Bug Description

Based on the version of apparmor in trusty-updates:

Various profiles grant permissions for files in @{HOME}/.cache/. This is only sufficient as long as one hasn't set the environment variable XDG_CACHE_HOME to point somewhere else. (Use case: store caches locally when home directories are on a remote fileserver.)

I'd suggest defining a new tunable
@{XDG_CACHE_HOME}=@{HOME}/.cache/
which local administrators could augment as needed (e.g.,
@{XDG_CACHE_HOME}+=/var/cache/xdg/*/
or whatever the local convention may be).

Similar treatment may be needed for the other environment variables mentioned in the XDG basedir spec:
XDG_CONFIG_HOME for @{HOME}/.config
XDG_DATA_HOME for @{HOME}/.local/share (and/or @{HOME}/.local ?)

Revision history for this message

Seth Arnold (seth-arnold) wrote on 2015-02-20:

Some discussion on xdg paths has happened here, https://lists.ubuntu.com/archives/apparmor/2013-August/004183.html -- it'd be nice to revive this.

Mathew Hodson (mhodson) on 2016-04-21

Changed in apparmor (Ubuntu):
importance:	Undecided → Wishlist

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuapparmor package

AppArmor support for the XDG Base Directory spec is incomplete

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
apparmor package