Ubuntu
apparmor package

abstractions/aspell should authorize write access to ~/.aspell.*.{pws,prepl}

Bug #917859 reported by Simon Déziel on 2012-01-17

6

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	apparmor (Ubuntu)	Fix Released	Medium	Steve Beattie

Bug Description

/etc/apparmor.d/abstractions/aspell contains :

# per-user settings and dictionaries
@{HOME}/.aspell.*.{pws,prepl} rk,

but per-user dictionaries should be editable to save custom words and such.

ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: apparmor 2.7.0~beta1+bzr1774-1ubuntu2
ProcVersionSignature: Ubuntu 3.0.0-15.25-generic 3.0.13
Uname: Linux 3.0.0-15-generic x86_64
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
Date: Tue Jan 17 15:11:42 2012
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111011)
ProcEnviron:
LANGUAGE=en_CA:en
LANG=en_CA.UTF-8
SHELL=/bin/bash
ProcKernelCmdline: BOOT_IMAGE=/vmlinuz-3.0.0-15-generic root=/dev/mapper/crypt-root ro quiet splash vt.handoff=7
SourcePackage: apparmor
UpgradeStatus: No upgrade log present (probably fresh install)

Tags:

Related branches

lp:apparmor/2.12

lp:apparmor/2.7

lp:ubuntu/precise/apparmor

lp:~kees/apparmor/debian

Revision history for this message

Simon Déziel (sdeziel) wrote on 2012-01-17:

#1

ApparmorPackages.txt Edit (297 bytes, text/plain; charset="utf-8")
ApparmorStatusOutput.txt Edit (2.1 KiB, text/plain; charset="utf-8")
Dependencies.txt Edit (2.1 KiB, text/plain; charset="utf-8")
KernLog.txt Edit (18.6 KiB, text/plain; charset="utf-8")
PstreeP.txt Edit (13.8 KiB, text/plain; charset="utf-8")

Revision history for this message

Simon Déziel (sdeziel) wrote on 2012-01-17:

#2

I noticed this missing permission when using a custom profile for pidgin including <abstractions/aspell>. The kern.log error looks like this :

Jan 17 13:46:21 simon-laptop kernel: [117850.427005] type=1400 audit(1326825981.598:128): apparmor="DENIED" operation="open" parent=1 profile="/usr/bin/pidgin" name="/home/simon/.aspell.en.prepl" pid=11333 comm="pidgin" requested_mask="wc" denied_mask="wc" fsuid=1000 ouid=1000

Revision history for this message

Steve Beattie (sbeattie) wrote on 2012-01-18:

#3

Thanks, submitted patch to upstream to fix this and add the 'owner' modifier to the rule as well.

Changed in apparmor (Ubuntu):
status:	New → In Progress
importance:	Undecided → Medium
assignee:	nobody → Steve Beattie (sbeattie)

Revision history for this message

Steve Beattie (sbeattie) wrote on 2012-01-18:

#4

Patch was accepted upstream; it should make it into the next apparmor upload.

Changed in apparmor (Ubuntu):
status:	In Progress → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2012-01-18:

#5

This bug was fixed in the package apparmor - 2.7.0-0ubuntu4

---------------
apparmor (2.7.0-0ubuntu4) precise; urgency=low

  * debian/patches/0034-lp917859.patch: adjust aspell abstraction for user
    customizable dictionaries (LP: #917859)
  * debian/patches/0035-kde-should-use-kde4.patch: adjust abstractions to
    use kde{,4} instead of kde
  * debian/control: update Vcs-Bzr
-- Jamie Strandboge <email address hidden> Wed, 18 Jan 2012 16:27:30 -0600

Changed in apparmor (Ubuntu):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.