Since the latest upgrade of Firefox to 49.0, it will need read access to @{PROC}/net/arp
I don't know what the security implications are, so I don't know if we want to give read access to explicitely deny it. Both seem to work.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: apparmor-profiles 2.10.95-0ubuntu2.2
ProcVersionSignature: Ubuntu 4.4.0-38.57-generic 4.4.19
Uname: Linux 4.4.0-38-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Sep 29 16:55:21 2016
InstallationDate: Installed on 2015-10-04 (361 days ago)
InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20151002)
PackageArchitecture: all
ProcKernelCmdline: BOOT_IMAGE=/vmlinuz-4.4.0-38-generic.efi.signed root=/dev/mapper/ubuntu--vg-root ro noprompt persistent kaslr threadirqs quiet splash vt.handoff=7
SourcePackage: apparmor
Syslog:
Sep 29 10:37:52 franck-ThinkPad-T430s dbus[2546]: [system] AppArmor D-Bus mediation is enabled
Sep 29 16:50:57 franck-ThinkPad-T430s dbus[2410]: [system] AppArmor D-Bus mediation is enabled
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.apparmor.d.sbin.klogd: [modified]
modified.conffile..etc.apparmor.d.sbin.syslogd: [modified]
modified.conffile..etc.apparmor.d.usr.bin.chromium-browser: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.avahi-daemon: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.dnsmasq: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.dovecot: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.identd: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.mdnsd: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.nmbd: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.nscd: [modified]
modified.conffile..etc.apparmor.d.usr.sbin.smbd: [modified]
mtime.conffile..etc.apparmor.d.sbin.klogd: 2015-10-05T12:04:03.854535
mtime.conffile..etc.apparmor.d.sbin.syslogd: 2015-10-05T12:03:15.705968
mtime.conffile..etc.apparmor.d.usr.bin.chromium-browser: 2015-10-05T12:02:05.273141
mtime.conffile..etc.apparmor.d.usr.sbin.avahi-daemon: 2016-04-13T19:13:25.829679
mtime.conffile..etc.apparmor.d.usr.sbin.dnsmasq: 2016-04-13T19:13:05.941424
mtime.conffile..etc.apparmor.d.usr.sbin.dovecot: 2015-10-05T12:00:55.356323
mtime.conffile..etc.apparmor.d.usr.sbin.identd: 2015-10-05T12:01:02.204403
mtime.conffile..etc.apparmor.d.usr.sbin.mdnsd: 2015-10-05T12:02:37.861523
mtime.conffile..etc.apparmor.d.usr.sbin.nmbd: 2015-10-05T12:00:10.119794
mtime.conffile..etc.apparmor.d.usr.sbin.nscd: 2016-04-13T19:14:17.520643
mtime.conffile..etc.apparmor.d.usr.sbin.smbd: 2015-10-05T12:00:26.103981
Maybe we should ask Firefox devs what they mean by that? net/arp contains rather sensitive info...