Ubuntu
apparmor package

From v49.0, Firefox needs read access to @{PROC}/net/arp

Bug #1628956 reported by Franck on 2016-09-29

282

This bug affects 6 people

Affects

Status

Importance

Assigned to

Milestone

apparmor (Ubuntu)

Confirmed

High

Unassigned

You need to log in to change this bug's status.

Affecting:	apparmor (Ubuntu)
Filed here by:	Franck
When:	2016-09-29
Confirmed:	2017-01-11

Target

Distribution
Package	(Find…)
Project	(Find…)

Status	Importance
	High

Assigned to

	Nobody
	Me

Comment on this change (optional)

Email me about changes to this bug report

(?)

Bug Description

Since the latest upgrade of Firefox to 49.0, it will need read access to @{PROC}/net/arp

I don't know what the security implications are, so I don't know if we want to give read access to explicitely deny it. Both seem to work.

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: apparmor-profiles 2.10.95-0ubuntu2.2
ProcVersionSignature: Ubuntu 4.4.0-38.57-generic 4.4.19
Uname: Linux 4.4.0-38-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Sep 29 16:55:21 2016
InstallationDate: Installed on 2015-10-04 (361 days ago)
InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20151002)
PackageArchitecture: all
ProcKernelCmdline: BOOT_IMAGE=/vmlinuz-4.4.0-38-generic.efi.signed root=/dev/mapper/ubuntu--vg-root ro noprompt persistent kaslr threadirqs quiet splash vt.handoff=7
SourcePackage: apparmor
Syslog:
Sep 29 10:37:52 franck-ThinkPad-T430s dbus[2546]: [system] AppArmor D-Bus mediation is enabled
Sep 29 16:50:57 franck-ThinkPad-T430s dbus[2410]: [system] AppArmor D-Bus mediation is enabled
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.apparmor.d.sbin.klogd: [modified]
modified.conffile..etc.apparmor.d.sbin.syslogd: [modified]
modified.conffile..etc.apparmor.d.usr.bin.chromium-browser: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.avahi-daemon: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.dnsmasq: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.dovecot: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.identd: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.mdnsd: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.nmbd: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.nscd: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.smbd: [modified]
mtime.conffile..etc.apparmor.d.sbin.klogd: 2015-10-05T12:04:03.854535
mtime.conffile..etc.apparmor.d.sbin.syslogd: 2015-10-05T12:03:15.705968
mtime.conffile..etc.apparmor.d.usr.bin.chromium-browser: 2015-10-05T12:02:05.273141
mtime.conffile..etc.apparmor.d.usr.sbin.avahi-daemon: 2016-04-13T19:13:25.829679
mtime.conffile..etc.apparmor.d.usr.sbin.dnsmasq: 2016-04-13T19:13:05.941424
mtime.conffile..etc.apparmor.d.usr.sbin.dovecot: 2015-10-05T12:00:55.356323
mtime.conffile..etc.apparmor.d.usr.sbin.identd: 2015-10-05T12:01:02.204403
mtime.conffile..etc.apparmor.d.usr.sbin.mdnsd: 2015-10-05T12:02:37.861523
mtime.conffile..etc.apparmor.d.usr.sbin.nmbd: 2015-10-05T12:00:10.119794
mtime.conffile..etc.apparmor.d.usr.sbin.nscd: 2016-04-13T19:14:17.520643
mtime.conffile..etc.apparmor.d.usr.sbin.smbd: 2015-10-05T12:00:26.103981

Tags: Edit Tag help

Franck (alci) wrote on 2016-09-29:

ApparmorPackages.txt Edit (482 bytes, text/plain; charset="utf-8")
ApparmorStatusOutput.txt Edit (3.9 KiB, text/plain; charset="utf-8")
Dependencies.txt Edit (2.4 KiB, text/plain; charset="utf-8")
JournalErrors.txt Edit (41.0 KiB, text/plain; charset="utf-8")
KernLog.txt Edit (48.9 KiB, text/plain; charset="utf-8")
ProcEnviron.txt Edit (328 bytes, text/plain; charset="utf-8")
PstreeP.txt Edit (34.1 KiB, text/plain; charset="utf-8")

Vincas Dargis (talkless) wrote on 2016-10-17:

Maybe we should ask Firefox devs what they mean by that? net/arp contains rather sensitive info...

Franck (alci) wrote on 2016-10-17:

Ok, I just asked on firefox-dev mailing list...

Franck (alci) wrote on 2016-10-18:

Motivation for this new requirement is:

## Why

Each particular network your computer and browser run in has its own set of
network conditions, routers, proxies and MITM situations.

Changing between networks also changes proxies. Intercepting or explicit,
willing or unwilling, HTTP or even HTTPS with custom installed trust-roots.
This makes the web content cache, the cookie store and others to save
contents from one network that is potentially different than what is received
over other networks. It can lead to content pollution and information leaks,
on purpose by malicious actors or just by mistake.

see the details here https://bug1240932.bmoattachments.org/attachment.cgi?id=8709691

Launchpad Janitor (janitor) wrote on 2017-01-11:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in apparmor (Ubuntu):
status:	New → Confirmed

Alberto Salvia Novella (es20490446e) on 2017-01-13

Changed in apparmor (Ubuntu):
importance:	Undecided → Critical
information type:	Public → Public Security
Changed in apparmor (Ubuntu):
importance:	Critical → High

Thomas Mayer (thomas303) wrote on 2017-01-29:

A patch which might fix this issue, too, is available at 1659988.

https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1659988

Everyone affected, please give it a try and report back.

Vincas Dargis (talkless) wrote on 2017-05-15:

I've tried patched version from 1659988, it works fine.

Report a bug

This report contains Public Security information Edit

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Ubuntuapparmor package

From v49.0, Firefox needs read access to @{PROC}/net/arp

Bug Description

Other bug subscribers

Bug attachments

Ubuntu
apparmor package