touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #21859
[Bug 1197060] Re: SDK webview applications should use an app-specific path for shared memory files
This bug was fixed in the package apparmor-easyprof-ubuntu - 1.2.28
---------------
apparmor-easyprof-ubuntu (1.2.28) utopic; urgency=medium
* ubuntu/calendar: add missing rule for org.freedesktop.DBus.Introspectable
on path /com/canonical/indicator/datetime/AlarmProperties (LP: #1374623)
* ubuntu/1.[12]/ubuntu-{sdk,webapp}: remove no longer needed rule for
/{,run/}shm/shm/WK2SharedMemory.[0-9]* (LP: #1197060)
* ubuntu/microphone:
- add temporary write access to /{run,dev}/shm/shmfd-* for QAudioRecorder
(LP: #1370218)
- explicitly deny read on /dev/
* ubuntu/1.1/webview: allow dbus send to RequestName on org.freedesktop.DBus
webapp-container needs corresponding 'bind' call on
org.freedesktop.Application, which we block elsewhere. webapp-container
shouldn't be doing this under confinement, but we allow this rule in
content_exchange, so just allow it to avoid confusion. (LP: #1357371)
-- Jamie Strandboge <jamie@xxxxxxxxxx> Fri, 26 Sep 2014 15:21:37 -0500
** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
Status: Won't Fix => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1197060
Title:
SDK webview applications should use an app-specific path for shared
memory files
Status in “apparmor” package in Ubuntu:
In Progress
Status in “apparmor-easyprof-ubuntu” package in Ubuntu:
Fix Released
Status in “qtwebkit-opensource-src” package in Ubuntu:
Won't Fix
Status in “apparmor” source package in Saucy:
Won't Fix
Status in “apparmor-easyprof-ubuntu” source package in Saucy:
Won't Fix
Status in “qtwebkit-opensource-src” source package in Saucy:
Won't Fix
Status in “apparmor” source package in Trusty:
Won't Fix
Status in “apparmor-easyprof-ubuntu” source package in Trusty:
Won't Fix
Status in “qtwebkit-opensource-src” source package in Trusty:
Won't Fix
Bug description:
Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,
But this rule is too lenient because a malicious app could enumerate
these files and attack shared memory of other applications. Therefore,
these paths need to be made application specific. One suggestion is to
use something like shm_open("%s-WK2SharedMemory" % <app_pkgname>")
instead of shm_open("WK2SharedMemory") where '<app_pkgname>' is the
"name" field in the Click manifest (see bug #1197037 for details).
Future work will allow for AppArmor IPC to handle this without
modifications to the SDK, but this may be 14.04 so we need a solution
for 13.10. I recommend fixing this bug after the other SDK bugs I
filed today, then talk to the security team before fixing this bug
since it is possible we will have something for 13.10 that doesn't
require altering the SDK.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1197060/+subscriptions