touch-packages team mailing list archive

Thread
Date

[Bug 1423890] Re: AppArmor support for the XDG Base Directory spec is incomplete

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Seth Arnold <1423890@xxxxxxxxxxxxxxxxxx>
Date: Fri, 20 Feb 2015 20:00:40 -0000
Reply-to: Bug 1423890 <1423890@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Some discussion on xdg paths has happened here,
https://lists.ubuntu.com/archives/apparmor/2013-August/004183.html --
it'd be nice to revive this.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1423890

Title:
  AppArmor support for the XDG Base Directory spec is incomplete

Status in apparmor package in Ubuntu:
  New

Bug description:
  Based on the version of apparmor in trusty-updates:

  Various profiles grant permissions for files in @{HOME}/.cache/. This
  is only sufficient as long as one hasn't set the environment variable
  XDG_CACHE_HOME to point somewhere else. (Use case: store caches
  locally when home directories are on a remote fileserver.)

  I'd suggest defining a new tunable
  @{XDG_CACHE_HOME}=@{HOME}/.cache/
  which local administrators could augment as needed (e.g.,
  @{XDG_CACHE_HOME}+=/var/cache/xdg/*/
  or whatever the local convention may be).

  Similar treatment may be needed for the other environment variables mentioned in the XDG basedir spec:
  XDG_CONFIG_HOME for @{HOME}/.config
  XDG_DATA_HOME for @{HOME}/.local/share (and/or @{HOME}/.local ?)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1423890/+subscriptions

References

[Bug 1423890] [NEW] AppArmor support for the XDG Base Directory spec is incomplete
From: Sergio Gelato, 2015-02-20