Comment 30 for bug 462419

Pausanias wrote:
> I have been looking at all the "apparmor prevents" bugs that have been reported of late. DVI printing, chromium, etc...
> the package maintainers' strategy has been to add an exceptions to the apparmor profile as the bugs come in. May I
> comment that this is a ludicrous situation? There are going to be numerous helper applications that people might
> want to use within a PDF file... why is apparmor blocking them all?

and in another message added:
> And I still think the state of the evince apparmor profile has not been well thought out. You should not be restricting
> the helper applications that a user can call from evince. What if I want to make a presentation that views a .XYZ file
> with my special graphics program renderXYZ (not at all uncommon for scientific presentations)? I have to have root
> access so I can edit that abstraction file? This is a poor design choice.

I completely agree. I have this problem now with gmplayer, and I am quite amazed such a restriction was added without a non-root way of adding arbitrary helper apps. Or have apparmor pop up the question to the user of granting access to this or that. Is there still no other way around than editing /etc/apparmor.d/abstractions/evince as root and reloading ?

Nobody cares to comment on the point Pausanias made ?