~ubuntu-branches/ubuntu/wily/apparmor-easyprof-ubuntu/wily

Viewing changes to data/policygroups/ubuntu/1.1/webview

browse files at revision 87
compare with another revision
download diff
download tarball
view history from revision 87

Committer: Package Import Robot
Author(s): Jamie Strandboge
Date: 2014-09-29 12:28:39 UTC
Revision ID: package-import@ubuntu.com-20140929122839-4g20qdy7f1gcda0e

ubuntu/webview: explicitly deny write access to @{PROC}/[0-9]*/oom_adj
and @{PROC}/[0-9]*/oom_score_adj. This is confirmed as a way to escape
application lifecycle (LP: #1260115)

files modified:
data/policygroups/ubuntu/1.1/webview

debian/changelog

Show diffs side-by-side

added added

removed removed

data/policygroups/ubuntu/1.1/webview

127

unix (getattr, getopt, setopt, shutdown),

128

129

# LP: #1260115

130

owner @{PROC}/[0-9]*/oom_adj w,

131

owner @{PROC}/[0-9]*/oom_score_adj w,

130

deny @{PROC}/[0-9]*/oom_adj w,

131

deny @{PROC}/[0-9]*/oom_score_adj w,

132

133

/usr/lib/@{multiarch}/oxide-qt/oxide-renderer rmix,

134

Older »