Comment 20 for bug 1659922

Thomas Mayer (thomas303) wrote :

Google translate translates comment 19 to "Thomas Mayer (thomas303), after adding the owner /dev/shm/org.chromium.* rw in the patch and Apparmor profile for Firefox Firefox earned. Thank you. But this is a crutch, an update on the issue as there was no and no. Employees of Canonical - Students who do not test software security."

@anikitushkin

There's no reason to believe that the package maintainers lowered security by NOT applying necessary changes to the new requirements of FF 49+. It's rather the other way round: Not widening the apparmor profile to the new requirements of FF is pretty conservative in terms of security. It's just that apparmor blocking requirements of FF renders it broken now - be it because of that conservative approach or because of not testing at all. I agree, that should and could have been tested in the first place, namely before releasing new major versions of FF.

Of course, the FF package needs to be updated to fix this issue for average users. I'm not the maintainer of the FF package, which basically means that I don't have permission to do that myself.

I guess that you can speed up Canonical's integration of the patch into the official package by testing it and reporting back if it works. The reason for that is that package maintainers hopefully become more confident that the patch really fixes exactly this issue as long as multiple users report exactly that, independently of each other.