[Libreoffice-commits] core.git: Branch 'libreoffice-6-1' - sysui/desktop

Libreoffice Gerrit user logerrit at kemper.freedesktop.org
Tue Aug 28 15:07:56 UTC 2018 

 sysui/desktop/apparmor/program.soffice.bin |    4 ++++
 1 file changed, 4 insertions(+)

New commits:
commit 03fe0c36fccc7f2a9d0962dd8ed3d731c9f0d408
Author:     Vincas Dargis <vindrg at gmail.com>
AuthorDate: Tue Aug 14 21:34:59 2018 +0300
Commit:     Caolán McNamara <caolanm at redhat.com>
CommitDate: Tue Aug 28 17:07:33 2018 +0200

    apparmor: fix printing to file
    
    AppArmor denies writing to .ps files and dealing with temporaries needed
    for "Print to file" functionality. Add .ps to the allowed extensions
    list, also giving access to rm executable together with writing
    printing-related temporary file.
    
    Change-Id: I415e1401878bff6459f42162d4e8b517261b9cec
    Reviewed-on: https://gerrit.libreoffice.org/59114
    Tested-by: Jenkins
    Reviewed-by: Rene Engelhard <rene at debian.org>
    (cherry picked from commit 136077b40cdabab83aec6833bf3895d4305d30a3)
    Reviewed-on: https://gerrit.libreoffice.org/59662
    Reviewed-by: Vincas Dargis <vindrg at gmail.com>
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>
    Tested-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/sysui/desktop/apparmor/program.soffice.bin b/sysui/desktop/apparmor/program.soffice.bin
index 82525d6cde7d..6e328c8f4c5c 100644
--- a/sysui/desktop/apparmor/program.soffice.bin
+++ b/sysui/desktop/apparmor/program.soffice.bin
@@ -37,6 +37,8 @@
 @{libreoffice_ext} += {,x,X}[hH][tT][mM]{,l,L}
 #.epub
 @{libreoffice_ext} += [eE][pP][uU][bB]
+#.ps (printing to file)
+@{libreoffice_ext} += [pP][sS]
 
 #Images
 @{libreoffice_ext} += [jJ][pP][gG]
@@ -113,6 +115,7 @@ profile libreoffice-soffice INSTDIR-program/soffice.bin {
   owner @{HOME}/.cache/fontconfig/**    rw,
   owner @{HOME}/.config/gtk-???/bookmarks r,  #Make bookmarks work
   owner @{HOME}/.recently-used          rwk,
+  owner /tmp/psp[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]* rw, #/tmp/psp1534203998 (printing to file)
 
   owner /{,var/}run/user/*/dconf/user   rw,
   owner @{HOME}/.config/dconf/user      r,
@@ -127,6 +130,7 @@ profile libreoffice-soffice INSTDIR-program/soffice.bin {
   /{usr/,}bin/sh                        rmix,
   /{usr/,}bin/bash                      rmix,
   /{usr/,}bin/dash                      rmix,
+  /{usr/,}bin/rm                        rmix, #deleting /tmp/psp1534203998 (printing to file)
   /usr/bin/bluetooth-sendto             rmPUx,
   /usr/bin/lpr                          rmPUx,
   /usr/bin/paperconf                    rmix,

More information about the Libreoffice-commits mailing list