Ubuntu
firefox-3.5 package

Firefox's apparmor profile blocks liferea-add-feed from working

Bug #488851 reported by Justin Dugger on 2009-11-26

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	firefox-3.5 (Ubuntu)	Fix Released	Low	Unassigned

Bug Description

Binary package hint: firefox-3.5

It seems liferea-add-feed is not whitelisted in FF's apparmor profile.

Steps to reproduce
1. Install FF and Liferea
2. Configure FF Application Preferences to open Web Feeds with liferea-add-feed
3. Click on a feed $url in FF

What should happen:
Liferea recieves the url, downloads the feed and then stores it in it's database.

What happens instead:
An the following appears in dmesg:
[ 3090.829760] type=1503 audit(1259117993.584:36): operation="exec" pid=6873 parent=6872 profile="/usr/lib/firefox-3.5.*/firefox" requested_mask="::x" denied_mask="::x" fsuid=1000 ouid=0 name="/usr/bin/liferea-add-feed"

ProblemType: Bug
Architecture: i386
Date: Thu Nov 26 11:02:15 2009
DistroRelease: Ubuntu 9.10
NonfreeKernelModules: nvidia
Package: firefox-3.5 3.5.5+nobinonly-0ubuntu0.9.10.1
ProcEnviron:
SHELL=/bin/bash
PATH=(custom, no user)
LANG=en_US
LANGUAGE=en_US
ProcVersionSignature: Ubuntu 2.6.31-15.50-generic
SourcePackage: firefox-3.5
Uname: Linux 2.6.31-15-generic i686

Tags:

Related branches

lp:ubuntu/lucid/firefox-3.5

Revision history for this message

Justin Dugger (jldugger) wrote on 2009-11-26:

Dependencies.txt Edit (3.4 KiB, text/plain; charset="utf-8")
ExtensionSummary.txt Edit (645 bytes, text/plain; charset="utf-8")
KernLog.txt Edit (115.9 KiB, text/plain; charset="utf-8")
RelatedPackageVersions.txt Edit (171 bytes, text/plain; charset="utf-8")
XsessionErrors.txt Edit (1.0 KiB, text/plain; charset="utf-8")
default_profile_pluginreg.dat.txt Edit (5.6 KiB, text/plain; charset="utf-8")
profiles.ini.txt Edit (99 bytes, text/plain; charset="utf-8")

tags:

added: apparmor

Revision history for this message

Justin Dugger (jldugger) wrote on 2009-11-26:

Add an exception for liferea-add-feed Edit (295 bytes, text/x-diff)

Add an exception for liferea-add-feed

tags:

added: patch

Revision history for this message

Micah Gersten (micahg) wrote on 2009-11-26:

Thanks for reporting this bug and any supporting documentation. Since this bug has enough information provided for a developer to begin work, I'm going to mark it as Triaged and let them handle it from here. Thanks for taking the time to make Ubuntu better! Please report any other issues you may find.

Changed in firefox-3.5 (Ubuntu):
importance:	Undecided → Low
status:	New → Triaged

Jamie Strandboge (jdstrand) on 2009-12-14

Changed in firefox-3.5 (Ubuntu):
status:	Triaged → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2009-12-18:

This bug was fixed in the package firefox-3.5 - 3.5.6+nobinonly-0ubuntu1

---------------
firefox-3.5 (3.5.6+nobinonly-0ubuntu1) lucid; urgency=low

* New upstream release v3.5.6 (FIREFOX_3_5_6_RELEASE)
- see USN-874-1

  [ Micah Gersten <email address hidden> ]
  * Bump minimum system cairo to 1.8.8
    - update debian/rules
  * Fix .desktop Name field for Slovak translation (LP: 448683)
    - update debian/firefox-3.5-final.desktop
  * Fix .desktop Name field for Estonian and Arabic translations
    (LP: 419507, LP: 321239)
    - update debian/firefox-3.5-final.desktop

  [ Jamie Strandboge <email address hidden> ]
  * AppArmor fixes:
    - allow access to nautilus, to allow "Open containing folder" to work
      (LP: #452591)
    - allow access for deluge (LP: #455792)
    - work better with KDE by adding kde abstraction, allow access to soffice,
      allow access to okular and read access to /etc/fstab (for print dialog)
      (LP: #447006)
    - allow access to acroread (LP: #473268)
    - allow access to eog (LP: #464016)
    - allow access to transmission (LP: #476299)
    - deny noisy write attempts to deny /usr/lib/xulrunner-*/components/*.tmp
      as seen with 'firefox --help')
    - deny noisy read to /.suspended (when navigating directories)
    - allow access to /usr/bin/liferea-add-feed (LP: #488851)
    - allow access to azureus (LP: #482677)
    - don't require 'owner' for /media (LP: #479580)
    - adjust AppArmor profile binary globbing to match other branches
    - allow ixr access to sed (for first runs)

  [ Alexander Sack <email address hidden> ]
  * bump lower bound for system sqlite3 to >= 3.6.16.1
    - update debian/rules
-- Alexander Sack <email address hidden> Wed, 16 Dec 2009 00:43:08 +0100

Changed in firefox-3.5 (Ubuntu):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntufirefox-3.5 package

Firefox's apparmor profile blocks liferea-add-feed from working

Bug Description

Related branches

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
firefox-3.5 package