Comment 4 for bug 2009230

> I just want to check seeing as this profile is only now being enabled in Lunar :)

Hi Chloé,

indeed this is the first time this profile is being enabled (and enforced) by default: ubuntu lunar.

Adding the /dev/console rule is easy enough, as you have figured out. I don't have objections, but would like security's opinion as well. We could also include the /etc/apparmor.d/abstractions/consoles abstraction for that matter, although that one also allows access to /dev/pts*.