
touch-packages team mailing list archive

[Bug 1197060] Re: SDK webview applications should use an app-specific path for shared memory files

 

This bug was fixed in the package apparmor-easyprof-ubuntu - 1.2.28

---------------
apparmor-easyprof-ubuntu (1.2.28) utopic; urgency=medium

  * ubuntu/calendar: add missing rule for org.freedesktop.DBus.Introspectable
    on path /com/canonical/indicator/datetime/AlarmProperties (LP: #1374623)
  * ubuntu/1.[12]/ubuntu-{sdk,webapp}: remove no longer needed rule for
    /{,run/}shm/shm/WK2SharedMemory.[0-9]* (LP: #1197060)
  * ubuntu/microphone:
    - add temporary write access to /{run,dev}/shm/shmfd-* for QAudioRecorder
      (LP: #1370218)
    - explicitly deny read on /dev/
  * ubuntu/1.1/webview: allow dbus send to RequestName on org.freedesktop.DBus
    webapp-container needs corresponding 'bind' call on
    org.freedesktop.Application, which we block elsewhere. webapp-container
    shouldn't be doing this under confinement, but we allow this rule in
    content_exchange, so just allow it to avoid confusion. (LP: #1357371)
 -- Jamie Strandboge <jamie@xxxxxxxxxx>   Fri, 26 Sep 2014 15:21:37 -0500

** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
       Status: Won't Fix => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1197060

Title:
  SDK webview applications should use an app-specific path for shared
  memory files

Status in “apparmor” package in Ubuntu:
  In Progress
Status in “apparmor-easyprof-ubuntu” package in Ubuntu:
  Fix Released
Status in “qtwebkit-opensource-src” package in Ubuntu:
  Won't Fix
Status in “apparmor” source package in Saucy:
  Won't Fix
Status in “apparmor-easyprof-ubuntu” source package in Saucy:
  Won't Fix
Status in “qtwebkit-opensource-src” source package in Saucy:
  Won't Fix
Status in “apparmor” source package in Trusty:
  Won't Fix
Status in “apparmor-easyprof-ubuntu” source package in Trusty:
  Won't Fix
Status in “qtwebkit-opensource-src” source package in Trusty:
  Won't Fix

Bug description:
  Ubuntu SDK applications that use webkit webviews create shared memory files as /run/shm/WK2SharedMemory*. This results in an AppArmor rule like the following:
  owner /{,run/}shm/WK2SharedMemory.[0-9]* rwk,

  But this rule is too lenient because a malicious app could enumerate
  these files and attack shared memory of other applications. Therefore,
  these paths need to be made application specific. One suggestion is to
  use something like shm_open("%s-WK2SharedMemory" % <app_pkgname>)
  instead of shm_open("WK2SharedMemory") where '<app_pkgname>' is the
  "name" field in the Click manifest (see bug #1197037 for details).

  Future work will allow for AppArmor IPC to handle this without
  modifications to the SDK, but this may be 14.04 so we need a solution
  for 13.10. I recommend fixing this bug after the other SDK bugs I
  filed today, then talk to the security team before fixing this bug
  since it is possible we will have something for 13.10 that doesn't
  require altering the SDK.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1197060/+subscriptions
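The following is an added example written for this page to show the naming scheme the bug description suggests; it is not code from WebKit, the Ubuntu SDK or apparmor-easyprof-ubuntu (whose actual resolution, per the changelog above, was to drop the rule once it was no longer needed). It assumes a Click package name such as "com.example.app", a numeric per-segment suffix (the existing rule matches WK2SharedMemory.[0-9]*), and an AppArmor rule with the same shape as the one quoted in the bug, with the app-specific prefix inserted. It also adds O_EXCL and mode 0600 so that a segment name another process has already created (squatted) is refused instead of silently attached to.

```c
/* Added illustration for LP: #1197060 -- app-scoped shared memory names.
 * Not project code. Assumptions: package name "com.example.app" (constructed),
 * numeric serial suffix, rule shape copied from the bug description. */
#define _DEFAULT_SOURCE 1
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

/* Build "/<app_pkgname>-WK2SharedMemory.<serial>". Returns 0 on success, -1 if
 * the package name is empty, contains '/' (POSIX shm names are one path
 * component) or the result does not fit in buf. */
int wk2_shm_name(char *buf, size_t buflen, const char *app_pkgname, unsigned long serial)
{
    if (app_pkgname == NULL || *app_pkgname == '\0' || strchr(app_pkgname, '/') != NULL)
        return -1;
    int n = snprintf(buf, buflen, "/%s-WK2SharedMemory.%lu", app_pkgname, serial);
    if (n < 0 || (size_t)n >= buflen)
        return -1;
    return 0;
}

/* Create a segment only this app should reach. O_EXCL fails with EEXIST if the
 * name already exists, so a pre-created (squatted) segment is never attached to;
 * mode 0600 keeps other uids out at the DAC level even without a profile loaded.
 * Returns the fd, or -1 with errno set. */
int wk2_shm_create(const char *name, size_t size)
{
    int fd = shm_open(name, O_RDWR | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;
    if (ftruncate(fd, (off_t)size) < 0) {
        int saved = errno;
        close(fd);
        shm_unlink(name);
        errno = saved;
        return -1;
    }
    return fd;
}

/* The AppArmor rule the app-scoped name would need: only files carrying this
 * package's prefix match, so another confined app's profile no longer covers
 * them. Assumed shape: the bug's rule with the prefix inserted. */
int wk2_apparmor_rule(char *buf, size_t buflen, const char *app_pkgname)
{
    int n = snprintf(buf, buflen, "owner /{,run/}shm/%s-WK2SharedMemory.[0-9]* rwk,",
                     app_pkgname);
    if (n < 0 || (size_t)n >= buflen)
        return -1;
    return 0;
}

/* Stand-alone demo: create a segment, then show a second creator is refused. */
int main(void)
{
    char name[128], rule[256];
    const char *pkg = "com.example.app"; /* constructed sample package name */

    if (wk2_shm_name(name, sizeof name, pkg, (unsigned long)getpid()) != 0)
        return 1;
    if (wk2_apparmor_rule(rule, sizeof rule, pkg) != 0)
        return 1;
    printf("shm name : %s\nprofile  : %s\n", name, rule);

    int fd = wk2_shm_create(name, 4096);
    if (fd < 0) {
        perror("shm_open");
        return 1;
    }
    int second = wk2_shm_create(name, 4096);
    printf("second create: %s\n", second < 0 ? strerror(errno) : "unexpectedly succeeded");
    if (second >= 0)
        close(second);
    close(fd);
    shm_unlink(name);
    return 0;
}
```

The owner rule still only narrows which paths a profile may touch; the O_EXCL check is what stops an attacker who can create names under /run/shm from handing the app a segment it did not make. On glibc older than 2.34, link with -lrt for shm_open.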