cannot create directory outside of $HOME
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
evince (Ubuntu) |
Fix Released
|
Medium
|
Jamie Strandboge | ||
Lucid |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: evince
Evince cannot create a directory using the "create directory" button from the gnome file dialog. It reports an error "Cannot create directory: permission denied". This does not happen if I create the directory within /home/, but it happens if I create it in a mounted windows partition (to which I have write access). This seems to be an apparmor problem (cf. bug #489170): /var/log/messages reports
Nov 30 08:59:54 dave-laptop kernel: [ 1778.955484] type=1503 audit(125956799
ProblemType: Bug
Architecture: i386
CheckboxSubmission: 448ddb0c4aba421
CheckboxSystem: cfcd60a3bf8b6d8
Date: Mon Nov 30 08:54:57 2009
DistroRelease: Ubuntu 9.10
ExecutablePath: /usr/bin/evince
Package: evince 2.28.1-0ubuntu1.2
ProcEnviron:
LANG=en_GB.UTF-8
SHELL=/bin/bash
ProcVersionSign
SourcePackage: evince
Uname: Linux 2.6.31-15-generic i686
XsessionErrors:
(gnome-
(gnome-
(polkit-
(nautilus:1863): Eel-CRITICAL **: eel_preferences
(gnome-
Related branches
Changed in evince (Ubuntu): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
assignee: | Jamie Strandboge (jdstrand) → nobody |
importance: | Undecided → Low |
Changed in evince (Ubuntu): | |
status: | New → Confirmed |
Changed in evince (Ubuntu): | |
status: | Triaged → Fix Committed |
Changed in evince (Ubuntu): | |
status: | Fix Committed → Fix Released |
Thank you for using Ubuntu and taking the time to report a bug. This path is:
Decoded: /windows/Documents and Settings/Dave/My Documents/test/
AppArmor has denied access to this directory because it is not a standard location for files, therefore you must adjust your profile to allow access to the /windows folder. This can be done by adding the following to /etc/apparmor. d/usr.bin. evince:
/windows/** rw,
Followed by: d/usr.bin. evince
$ sudo apparmor_parser -r -T -W /etc/apparmor.
Keep in mind that if there is a flaw in evince or (much more likely) one of the image/PDF libraries, opening a malicious file could allow an attacker to write to this directory. See http:// en.opensuse. org/AppArmor_ Geeks#Anatomy_ of_a_Profile for more information on AppArmor profiling.