Skip to content

profiles: update snap_browsers permissions

Georgia Garcia requested to merge georgiag/apparmor:fix_snap_browsers into master

The snap_browsers abstraction requires more permissions due to updates on snaps.

Some of the permissions are not required in older versions of Ubuntu that use 2.12 and 2.13, but are introduced for unification and ease of maintenance purposes. These include:

    all dbus permissions,
    @{PROC}/sys/kernel/random/uuid r,
    owner @{PROC}/@{pid}/cgroup r,
    /var/lib/snapd/sequence/{chromium,firefox,opera}.json r,

I also propose a cherry-pick of this commit to 2.12, 2.13 and 3.0

Edited by Georgia Garcia

Merge request reports