http://bugzilla.suse.com/show_bug.cgi?id=1134327
http://bugzilla.suse.com/show_bug.cgi?id=1134327#c14
--- Comment #14 from Johannes Meixner ---
Christian Boltz,
I will not attend the openSUSE Conference.
In general I wonder why the Ghostscript "wrapper scripts"
should be restricted.
What would be the possible attack here?
All the Ghostscript "wrapper scripts" are installed with
-rwxr-xr-x 1 root root ...
so only root can change them to let them execute unwanted stuff.
But an AppArmor profile for them must allow each of them to execute
what each of them already executes so what is the additional security
of such an AppArmor profile?
Again: I know basically nothing about AppArmor so I may overlook
something that is obvious for those who know about AppArmor.
--
You are receiving this mail because:
You are on the CC list for the bug.