openstore-team team mailing list archive
-
openstore-team team
-
Mailing list archive
-
Message #00022
Re: Submission to OpenStore: Seabass code editor
Hi Mikhail,
thanks for your submission. I will try to review it today. One thing
that immediately jumps to mind is the question why you'd need to use the
unconfined template. If you only require reading files in the home
directory, it would be better if you'd use read_paths instead. Here's an
example:
https://open.uappexplorer.com/app/falcon.bhdouglass
Click on the "Manifest" button, it will also contain the apparmor
profile for this app and show you how you can access those files without
dropping apparmor completely. What do you think?
Best regards,
Michael
On 06.08.2016 08:13, Mikhail Milikhin wrote:
> Hello OpenStore team,
>
> I'd like to submit new application - Seabass code editor - to OpenStore.
> The app is already available in Ubuntu Store
> (https://uappexplorer.com/app/seabass.mikhael) but it's restricted to
> read/edit files only in it's own directory at
> /.local/share/seabass.mikhael/. I'd like to upload the same app but with
> unconfined AppArmor template. It'll give app unrestricted access to
> user's Home directory. Hence users will be able to read/edit any files
> in Home directory.
>
> Application sources are available on GitHub:
> https://github.com/milikhin/seabass/releases/latest.
> Ubuntu SDK is not required to build .click package, instead of it latest
> Cordova for Ubuntu is used.
> Complete build instructions are available on GitHub:
> https://github.com/milikhin/seabass/blob/master/building.md.
>
> Since within Cordova framework AppArmor profile is generated
> automatically during the build process, I don't have permanent
> /.apparmor/ and /.apparmor.openstore/ files. The app uses standard
> Cordova AppArmor profile but with additional hak
> (https://github.com/milikhin/seabass/blob/master/building.md#31-patch-for-an-unconfined-version)
> to set template to Unconfined.
>
> Please, send me a message if you have any questions about app or build
> process.
>
> Best regards,
> Mikhael Milikhin
>
>
Attachment:
signature.asc
Description: OpenPGP digital signature
References