diff options
| author | Vincas Dargis <vindrg@gmail.com> | 2018-08-14 21:34:59 +0300 |
|---|---|---|
| committer | Rene Engelhard <rene@debian.org> | 2018-08-27 16:30:26 +0200 |
| commit | 136077b40cdabab83aec6833bf3895d4305d30a3 (patch) | |
| tree | 53ea1b466e49b0aab923abf865f0316317f42251 | |
| parent | 9826a4e4a6aa9953d3f354fe645a23f9dae59d77 (diff) | |
apparmor: fix printing to file
AppArmor denies writing to .ps files and dealing with temporaries needed
for "Print to file" functionality. Add .ps to the allowed extensions
list, also giving access to rm executable together with writing
printing-related temporary file.
Change-Id: I415e1401878bff6459f42162d4e8b517261b9cec
Reviewed-on: https://gerrit.libreoffice.org/59114
Tested-by: Jenkins
Reviewed-by: Rene Engelhard <rene@debian.org>
| -rw-r--r-- | sysui/desktop/apparmor/program.soffice.bin | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/sysui/desktop/apparmor/program.soffice.bin b/sysui/desktop/apparmor/program.soffice.bin index 45252291938e..90d663a9d54a 100644 --- a/sysui/desktop/apparmor/program.soffice.bin +++ b/sysui/desktop/apparmor/program.soffice.bin @@ -37,6 +37,8 @@ @{libreoffice_ext} += {,x,X}[hH][tT][mM]{,l,L} #.epub @{libreoffice_ext} += [eE][pP][uU][bB] +#.ps (printing to file) +@{libreoffice_ext} += [pP][sS] #Images @{libreoffice_ext} += [jJ][pP][gG] @@ -117,6 +119,7 @@ profile libreoffice-soffice INSTDIR-program/soffice.bin { owner @{HOME}/.cache/fontconfig/** rw, owner @{HOME}/.config/gtk-???/bookmarks r, #Make bookmarks work owner @{HOME}/.recently-used rwk, + owner /tmp/psp[0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]* rw, #/tmp/psp1534203998 (printing to file) owner /{,var/}run/user/*/dconf/user rw, owner @{HOME}/.config/dconf/user r, @@ -131,6 +134,7 @@ profile libreoffice-soffice INSTDIR-program/soffice.bin { /{usr/,}bin/sh rmix, /{usr/,}bin/bash rmix, /{usr/,}bin/dash rmix, + /{usr/,}bin/rm rmix, #deleting /tmp/psp1534203998 (printing to file) /usr/bin/bluetooth-sendto rmPUx, /usr/bin/lpr rmPUx, /usr/bin/paperconf rmix, |