From v49.0, Firefox needs read access to @{PROC}/net/arp
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Confirmed
|
High
|
Unassigned |
Bug Description
Since the latest upgrade of Firefox to 49.0, it will need read access to @{PROC}/net/arp
I don't know what the security implications are, so I don't know if we want to give read access to explicitely deny it. Both seem to work.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: apparmor-profiles 2.10.95-0ubuntu2.2
ProcVersionSign
Uname: Linux 4.4.0-38-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Sep 29 16:55:21 2016
InstallationDate: Installed on 2015-10-04 (361 days ago)
InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20151002)
PackageArchitec
ProcKernelCmdline: BOOT_IMAGE=
SourcePackage: apparmor
Syslog:
Sep 29 10:37:52 franck-
Sep 29 16:50:57 franck-
UpgradeStatus: No upgrade log present (probably fresh install)
modified.
modified.
modified.
modified.
modified.
modified.
modified.
modified.
modified.
modified.
modified.
mtime.conffile.
mtime.conffile.
mtime.conffile.
mtime.conffile.
mtime.conffile.
mtime.conffile.
mtime.conffile.
mtime.conffile.
mtime.conffile.
mtime.conffile.
mtime.conffile.
Changed in apparmor (Ubuntu): | |
importance: | Undecided → Critical |
information type: | Public → Public Security |
Changed in apparmor (Ubuntu): | |
importance: | Critical → High |
Maybe we should ask Firefox devs what they mean by that? net/arp contains rather sensitive info...