On Monday, 24 June 2019 22:26:53 ACST Michal Suchánek wrote: [...]
I agree this is probably a much better way to achieve pretty much the same result
It isn't. Ghostscript needs apparmor to be reasonably secure. A security flaw pointed out in ghostscript was fixed by writing this apparmor profile. For it to be effective you need apparmor even if you did not have it to start with. That's are requirement in my book.
Sounds more like a workaround than a fix. A proper fix would have been to fix the vulnerability in ghostscript, rather than using a sledgehammer to crack a walnut (unless there was absolutely no other way to mitigate the risk). -- ============================================================== Rodney Baker VK5ZTV rodney.baker@iinet.net.au CCNA #CSCO12880208 ============================================================== -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org