Bug #11578: Totem AppArmor profile allows opening OTR private key

Bug #11578

Totem AppArmor profile allows opening OTR private key

Added by intrigeri 2016-07-19 08:12:58 . Updated 2016-11-15 18:23:32 .

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Target version:

Tails_2.7

Start date:

2016-07-19

Due date:

% Done:

100%

Feature Branch:

bugfix/11578-totem-vs-otr

Type of work:

Code

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

i.e. /home/amnesia/.purple/otr.private_key. One of the private-files* abstractions should forbid that… without blocking Pidgin’s access to the OTR key.

Subtasks

Related issues

Related to Tails - ~~Bug #11984~~: Error message when starting Totem: "Failed to get bookmarks list: library routine called out of sequence"	Resolved	2016-11-21
Related to Tails - ~~Bug #9533~~: Tighten Evince AppArmor policy	Rejected	2015-06-04

History

#1 Updated by intrigeri 2016-07-19 08:52:03

Target version changed from Tails_2.7 to Tails_2.6

#2 Updated by intrigeri 2016-07-19 08:52:17

Parent task set to ~~Bug #9534~~

#3 Updated by intrigeri 2016-09-12 02:18:43

Target version changed from Tails_2.6 to Tails_2.7

#4 Updated by intrigeri 2016-11-05 14:03:59

Description updated

#5 Updated by intrigeri 2016-11-05 14:35:04

Status changed from Confirmed to In Progress
% Done changed from 0 to 10

Merge request sent upstream: https://code.launchpad.net/~intrigeri/apparmor-profiles/+git/apparmor-profiles/+merge/310120

#6 Updated by intrigeri 2016-11-05 15:03:21

Feature Branch set to bugfix/11578-totem-vs-otr

#7 Updated by intrigeri 2016-11-06 09:30:25

… and https://code.launchpad.net/~intrigeri/apparmor/gnome-gtk3-config/+merge/310132 is needed as well, at least on sid.

#8 Updated by intrigeri 2016-11-06 22:59:32

Assignee changed from intrigeri to bertagaz
% Done changed from 10 to 50
QA Check set to Ready for QA

The regression test I’ve added (expectedly) fails on some devel build from a month ago, and passes on this branch https://jenkins.tails.boum.org/view/Tails_ISO/job/test_Tails_ISO_bugfix-11578-totem-vs-otr/3/cucumberTestReport/using-totem/watching-a-mp4-video-stored-on-the-non-persistent-filesystem/.

#9 Updated by bertagaz 2016-11-08 19:45:45

Status changed from In Progress to Fix committed
Assignee deleted (~~bertagaz~~)
% Done changed from 50 to 100
QA Check changed from Ready for QA to Pass

intrigeri wrote:
> The regression test I’ve added (expectedly) fails on some devel build from a month ago, and passes on this branch https://jenkins.tails.boum.org/view/Tails_ISO/job/test_Tails_ISO_bugfix-11578-totem-vs-otr/3/cucumberTestReport/using-totem/watching-a-mp4-video-stored-on-the-non-persistent-filesystem/.

Jenkins can’t build at the moment due to bad routing to immerda, but this branch runs fine at $HOME. Code review passes with particular waves about test suite changes being only in a feature file, 0 step definition changes. Writing regression test became as easy as that commit. :)

Merged!

#10 Updated by bertagaz 2016-11-15 18:23:32

Status changed from Fix committed to Resolved

#11 Updated by intrigeri 2016-12-04 15:47:07

related to ~~Bug #11984~~: Error message when starting Totem: "Failed to get bookmarks list: library routine called out of sequence" added

#12 Updated by intrigeri 2017-01-09 19:27:31

related to ~~Bug #9533~~: Tighten Evince AppArmor policy added