Firefox profile resulting in ptrace read denials
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
firefox (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
The firefox profile on utopic is resulting in denials like
[ 351.414861] audit: type=1400 audit(141219002
[ 351.414875] audit: type=1400 audit(141219002
This is most likely due to firefox scanning for information via /proc/<pid>/
which will result in a ptrace read permission request in the kernel
atm I have locally added the rule*
deny ptrace read peer=[^
*my local firefox profile is patched to be named
profile firefox /usr/lib/
instead of the default of using the attachment path as a name
tags: | added: apparmor |
affects: | apparmor (Ubuntu) → firefox (Ubuntu) |