touch-packages team mailing list archive

[Bug 1423890] [NEW] AppArmor support for the XDG Base Directory spec is incomplete

 

Public bug reported:

Based on the version of apparmor in trusty-updates:

Various profiles grant permissions for files in @{HOME}/.cache/. This is
only sufficient as long as one hasn't set the environment variable
XDG_CACHE_HOME to point somewhere else. (Use case: store caches locally
when home directories are on a remote fileserver.)

I'd suggest defining a new tunable
@{XDG_CACHE_HOME}=@{HOME}/.cache/
which local administrators could augment as needed (e.g.,
@{XDG_CACHE_HOME}+=/var/cache/xdg/*/
or whatever the local convention may be).

Similar treatment may be needed for the other environment variables mentioned in the XDG basedir spec:
XDG_CONFIG_HOME for @{HOME}/.config
XDG_DATA_HOME for @{HOME}/.local/share (and/or @{HOME}/.local ?)

** Affects: apparmor (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1423890

Title:
  AppArmor support for the XDG Base Directory spec is incomplete

Status in apparmor package in Ubuntu:
  New

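Added example, not part of the original bug report and not AppArmor's own code: a Python sketch of why a rule hard-coded to @{HOME}/.cache/ misses a relocated cache, and how the suggested @{XDG_CACHE_HOME} tunable with a site-local += covers it. The glob matcher handles only *, ** and ?, and the @{HOMEDIRS}/@{HOME} definitions and sample paths are constructed for illustration.

```python
import re

# Constructed sample tunables; the XDG_CACHE_HOME lines follow the bug's suggestion.
BASE = """
@{HOMEDIRS}=/home/
@{HOME}=@{HOMEDIRS}/*/ /root/
@{XDG_CACHE_HOME}=@{HOME}/.cache/
"""
LOCAL = "@{XDG_CACHE_HOME}+=/var/cache/xdg/*/\n"  # site-local addition

def parse_tunables(text):
    """Parse '@{VAR}=v1 v2' and '@{VAR}+=v3' lines into {name: [values]}."""
    tunables = {}
    for line in text.splitlines():
        m = re.match(r"\s*@\{(\w+)\}\s*(\+?=)\s*(.*)", line)
        if not m:
            continue
        name, op, values = m.group(1), m.group(2), m.group(3).split()
        if op == "=":
            tunables[name] = values
        else:  # '+=' appends to an existing variable
            tunables.setdefault(name, []).extend(values)
    return tunables

def expand(pattern, tunables):
    """Expand each @{VAR} to every one of its values, recursively."""
    m = re.search(r"@\{(\w+)\}", pattern)
    if not m:
        return [re.sub(r"/+", "/", pattern)]  # collapse '//' left by trailing slashes
    results = []
    for value in tunables[m.group(1)]:
        results.extend(expand(pattern.replace(m.group(0), value), tunables))
    return results

def glob_to_regex(glob):
    """Subset of AppArmor globbing: '**' crosses '/', '*' and '?' do not."""
    table = {"**": ".*", "*": "[^/]*", "?": "[^/]"}
    parts = re.split(r"(\*\*|\*|\?)", glob)
    return re.compile("".join(table.get(p, re.escape(p)) for p in parts) + r"\Z")

def allowed(path, rule_glob, tunables):
    """True if any expansion of the rule's path glob matches the path."""
    return any(glob_to_regex(g).match(path) for g in expand(rule_glob, tunables))

if __name__ == "__main__":
    relocated = "/var/cache/xdg/alice/app/index.db"  # constructed path
    for label, text in (("base", BASE), ("base+local", BASE + LOCAL)):
        t = parse_tunables(text)
        print(label, allowed(relocated, "@{HOME}/.cache/**", t),
              allowed(relocated, "@{XDG_CACHE_HOME}/**", t))
```

Only the rule written against the tunable picks up the local addition; the hard-coded @{HOME}/.cache/ rule stays confined to the home directory however the tunable is extended.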

