Unprivileged user namespace restrictions break various third-party applications
Bug #2036698 reported by
Alex Murray
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apparmor (Ubuntu) |
Fix Released
|
High
|
Alex Murray | ||
Bug Description
Similar to https:/
These include:
- Brave
- Microsoft Edge
- Opera
- Visual Studio Code
- Vivaldi
apparmor in mantic should ship skeleton profiles for each of these to ensure they work as expected if a user has them installed.
| Changed in apparmor (Ubuntu): | |
| assignee: | nobody → Alex Murray (alexmurray) |
| importance: | Undecided → High |
| status: | New → Confirmed |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in apparmor (Ubuntu): | |
| status: | Confirmed → Fix Released |
To post a comment you must log in.
This bug was fixed in the package apparmor - 4.0.0~alpha2-
---------------
apparmor (4.0.0~
* Add additional AppArmor profiles to support third-party applications
that use unprivileged user namespace restrictions (LP: #2036698)
- Refreshed d/p/u/userns-
profiles and added to debian/
- usr.share.
- opt.microsoft.
- usr.lib.
- opt.brave.
- opt.vivaldi.
* Clarify comment in sysctl.d conf file that this feature is not
enabled by default but can be overridden by the user if desired.
-- Alex Murray <email address hidden> Fri, 22 Sep 2023 16:50:22 +0930