Change log for apparmor-easyprof-ubuntu package in Ubuntu RTM
1 → 13 of 13 results | First • Previous • Next • Last |
apparmor-easyprof-ubuntu (1.2.41) 14.09; urgency=medium [ Alberto Mardegan ] * ubuntu/accounts: explictly deny access to the p2p socket. This will now be available only to unconfined apps to support a trusted socket for privileged processes (LP: #1415492) -- Jamie Strandboge <email address hidden> Thu, 05 Feb 2015 12:33:59 -0600
Available diffs
Published in 14.09-factory-release |
Superseded in 14.09-release |
Deleted in 14.09-proposed (Reason: moved to release) |
apparmor-easyprof-ubuntu (1.2.40) 14.09; urgency=medium * ubuntu/{music,pictures,video}_files*: temporarily allow read access to global SD card user directory (LP: #1392368). This can be removed once there is a proper API for apps to find the SD card label. -- Jamie Strandboge <email address hidden> Thu, 08 Jan 2015 14:41:20 -0600
Available diffs
apparmor-easyprof-ubuntu (1.2.39) utopic; urgency=medium * ubuntu/{music,pictures,video}_files*: allow access to global SD card directories (LP: #1391930) * ubuntu/ubuntu-scope-network, pending/ubuntu-scope-local-content: allow scopes to read data from the apps data dir (LP: #1384286) -- Jamie Strandboge <email address hidden> Thu, 13 Nov 2014 09:54:18 -0600
apparmor-easyprof-ubuntu (1.2.38) utopic; urgency=medium * ubuntu/networking: add rules for app-specific ubuntu-download-manager file downloads (LP: #1384349) -- Jamie Strandboge <email address hidden> Wed, 22 Oct 2014 14:13:44 -0400
Available diffs
- diff from 1.2.37 (in Ubuntu) to 1.2.38 (674 bytes)
apparmor-easyprof-ubuntu (1.2.37) utopic; urgency=medium * ubuntu/audio: also allow access to GetArtistArt when accessing the thumbnailer (LP: #1381102) -- Jamie Strandboge <email address hidden> Tue, 14 Oct 2014 09:37:24 -0500
Available diffs
- diff from 1.2.35 to 1.2.37 (1.5 KiB)
- diff from 1.2.36 to 1.2.37 (601 bytes)
apparmor-easyprof-ubuntu (1.2.35) utopic; urgency=medium * ubuntu/1.2/push-notification-client: don't deny access to the clipboard since sdk apps are supposed to be able to specify this policy group * ubuntu/1.2: add ubuntu-push-helper for push-helpers to use which (among other things) explicitly disables access to the clipboard (LP: #1371170) * adjust autopackagetest for ubuntu-push-helper * ubuntu/accounts: allow all on org.freedesktop.DBus.Properties for /com/google/code/AccountsSSO/SingleSignOn * ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content: also add remaining libhybris paths (/{,var/}run/shm/hybris_shm_data and /system/build.prop) * ubuntu/ubuntu-sdk: explicitly disallow gsettings (dconf) access (LP: #1378115) -- Jamie Strandboge <email address hidden> Mon, 06 Oct 2014 10:41:18 -0500
Available diffs
- diff from 1.2.34 to 1.2.35 (3.0 KiB)
apparmor-easyprof-ubuntu (1.2.34) utopic; urgency=medium * ubuntu/1.[12]/ubuntu-{sdk,webapp}: re-add still needed rule for /{,run/}shm/shm/WK2SharedMemory.[0-9]*. This needs to stay until qtwebkit is removed from the image (LP: #1377648) -- Jamie Strandboge <email address hidden> Mon, 06 Oct 2014 07:10:09 -0500
Available diffs
- diff from 1.2.30 to 1.2.34 (3.3 KiB)
- diff from 1.2.33 to 1.2.34 (761 bytes)
apparmor-easyprof-ubuntu (1.2.30) utopic; urgency=medium * ubuntu/ubuntu-*: add owner /{run,dev}/shm/shmfd-* rwk (LP: #1370218) * ubuntu/microphone: remove shmfd access since it is in the templates now -- Jamie Strandboge <email address hidden> Tue, 30 Sep 2014 09:33:57 -0500
Available diffs
- diff from 1.2.27 to 1.2.30 (2.2 KiB)
- diff from 1.2.29 to 1.2.30 (1.1 KiB)
apparmor-easyprof-ubuntu (1.2.27) utopic; urgency=medium * ubuntu/ubuntu-{sdk,webapp}: all apps can access the Mir clipboard (LP: #1372579). Note, LP: 1371170 will be fixed in a future update * ubuntu/push-notification-client: explit deny (with auditing) for access to the Mir clipboard (background apps should not have access) * ubuntu/ubuntu-scope-network: explicit deny (with auditing) for access to the Mir clipboard (scopes should not have access) * pending/ubuntu-scope-local-content: bring up to date with changes to ubuntu-scope-network -- Jamie Strandboge <email address hidden> Tue, 23 Sep 2014 09:07:00 -0500
Available diffs
apparmor-easyprof-ubuntu (1.2.22) utopic; urgency=medium * Updates for abstract and anonymous socket mediation (LP: #1362199): - ubuntu/*/ubuntu-*: + use dbus-strict and dbus-session-strict abstractions and remove duplicated policy + allow ubuntu-sdk and ubuntu-webapp connect, receive and send on the maliit abstract socket + allow write access to owner /{,var/}run/user/*/@{APP_PKGNAME}/{,**} - ubuntu/*/unconfined: allow unix - ubuntu/webview: + allow oxide to talk to sandbox via unix sockets + allow sandbox to talk to @{APP_PKGNAME}_@{APP_APPNAME}_@{APP_VERSION} peer + allow various unix perms from base abstract for the sandbox to use unix sockets - debian/control: Depends on apparmor >= 2.8.96~2541-0ubuntu4 * ubuntu/webview: use @{APP_PKGNAME}_@{APP_APPNAME}_@{APP_VERSION} for signal now that we have @{APP_APPNAME} available (LP: #1363112) * ubuntu/debug: 'audit deny @{HOME}/.local/share/ r' which is used by the SDK to see if confined * debian/control: Depends on apparmor >= 2.8.96~2541-0ubuntu4~ -- Jamie Strandboge <email address hidden> Fri, 05 Sep 2014 15:17:07 -0500
Available diffs
- diff from 1.2.21 (in Ubuntu) to 1.2.22 (3.4 KiB)
- diff from 1.2.22~abstract8 to 1.2.22 (812 bytes)
apparmor-easyprof-ubuntu (1.2.21) utopic; urgency=medium * ubuntu/1.2/accounts: online accounts now has Mir trusted session support so move accounts policy group to reserved (LP: #1230091) -- Jamie Strandboge <email address hidden> Wed, 20 Aug 2014 08:05:37 -0500
Available diffs
- diff from 1.2.20 to 1.2.21 (614 bytes)
apparmor-easyprof-ubuntu (1.2.20) utopic; urgency=medium * ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content: - add DBus session and system accesses to scope templates like we have in the app templates. This allows scopes to talk to trusted helpers like online accounts and location-service. Actual communication with the services is still controlled by the respective policy groups. - add scope-specific access to /run/user/[0-9]*/scopes/leaf-{net,fs}/* -- Jamie Strandboge <email address hidden> Fri, 15 Aug 2014 10:56:32 -0500
Available diffs
- diff from 1.2.15 to 1.2.20 (3.7 KiB)
- diff from 1.2.19 to 1.2.20 (1.4 KiB)
apparmor-easyprof-ubuntu (1.2.15) utopic; urgency=medium * ubuntu/*: explicitly deny noisy access to @{PROC}/xlog (LP: #1352432) -- Jamie Strandboge <email address hidden> Mon, 04 Aug 2014 12:56:05 -0500
Available diffs
- diff from 1.2.14 to 1.2.15 (757 bytes)
1 → 13 of 13 results | First • Previous • Next • Last |