Mozilla Firefox

Merge lp://qastaging/~jdstrand/firefox/firefox-433362+433128 into lp://qastaging/firefox/3.5

  1. firefox-433362+433128
  2. Merge into firefox-3.5.head
Proposed by Jamie Strandboge
Status: Merged
Merged at revision: not available
Proposed branch: lp://qastaging/~jdstrand/firefox/firefox-433362+433128
Merge into: lp://qastaging/firefox/3.5
Diff against target: 73 lines
2 files modified
debian/changelog (+5/-2)
debian/usr.bin.firefox.apparmor.in (+15/-4)
To merge this branch: bzr merge lp://qastaging/~jdstrand/firefox/firefox-433362+433128
Reviewer Review Type Date Requested Status
Alexander Sack (community) Approve
Review via email: mp+12157@code.qastaging.launchpad.net
To post a comment you must log in.
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

This assumes that my prior merge request is also accepted (revision 470).

lp://qastaging/~jdstrand/firefox/firefox-433362+433128 updated
472. By Jamie Strandboge

clean up extensions access

Revision history for this message
Alexander Sack (asac) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2009-09-14 14:26:58 +0000
3+++ debian/changelog 2009-09-25 15:16:09 +0000
4@@ -37,13 +37,16 @@
5 - update debian/rules
6
7 [ Jamie Strandboge <jamie@ubuntu.com> ]
8- * fix bugs sourrounding apparmor profile
9- + allow gnash (LP: #429061)
10+ * fix bugs surrounding apparmor profile
11+ + allow ixr access to gnash (LP: #429061)
12+ + allow ixr access to pulseaudio (LP: #432702)
13 + allow access to plugins directory (LP: #428071)
14+ + allow access to mounted media (LP: #433362)
15 + allow access to abstractions/ubuntu-console-email,
16 abstractions/ubuntu-email and abstractions/ubuntu-gnome-terminal
17 for mailto:. Add commented section for using xterm and konsole
18 - update debian/usr.bin.firefox-3.5
19+ + allow access to extensions directory (LP: #433128)
20
21 -- Fabien Tassin <fta@ubuntu.com> Sat, 05 Sep 2009 19:30:29 +0200
22
23
24=== modified file 'debian/usr.bin.firefox.apparmor.in'
25--- debian/usr.bin.firefox.apparmor.in 2009-09-14 14:26:58 +0000
26+++ debian/usr.bin.firefox.apparmor.in 2009-09-25 15:16:09 +0000
27@@ -77,6 +77,9 @@
28 @{HOME}/** rw,
29 @{HOME}/Desktop/** rw,
30 @{HOME}/Firefox_wallpaper* rw,
31+ owner /media/** rw,
32+ owner /mnt/** rw,
33+ owner /srv/** rw,
34
35 #include <abstractions/private-files>
36 audit deny @{HOME}/.ssh/** mrwkl,
37@@ -104,6 +107,17 @@
38 @{HOME}/.java/** rwk,
39
40 #
41+ # Extensions
42+ # /usr/share/.../extensions/... is already covered by '/usr/** r', above.
43+ # Allow 'x' for downloaded extensions, but inherit policy for safety
44+ @{HOME}/.mozilla/**/extensions/** mixr,
45+
46+ deny /usr/lib/firefox-3.*/update.test w,
47+ deny /usr/lib/mozilla/extensions/**/ w,
48+ deny /usr/lib/xulrunner-addons/extensions/**/ w,
49+ deny /usr/share/mozilla/extensions/**/ w,
50+
51+ #
52 # Plugins/helpers
53 #
54 @{PROC}/[0-9]*/fd/ r,
55@@ -117,10 +131,6 @@
56 /usr/lib/nspluginwrapper/i386/linux/npviewer Uxr,
57 /var/lib/ r,
58 /var/lib/** mr,
59- # noisy
60- deny /usr/share/mozilla/extensions/**/ w,
61- deny /usr/lib/mozilla/extensions/**/ w,
62- deny /usr/lib/firefox-3.*/update.test w,
63
64 # for maximum plugin/helper compatibility
65 #/usr/bin/* Uxr,
66@@ -145,6 +155,7 @@
67 /usr/bin/ooimpress Uxr,
68 /usr/bin/oowriter Uxr,
69 /usr/bin/gtk-gnash ixr,
70+ /usr/bin/pulseaudio ixr,
71
72 # totem
73 /usr/lib/totem/** ixr,

Subscribers

People subscribed via source and target branches