On 18/11/2016 07:37, Pavel Sanda wrote:
Tommaso Cucinotta wrote:
AppArmor is considered experimental and userspace utils are hardmasked under Gentoo (aka ultraexperimental stuff which might break).
ok, good to know. Ubuntu seems to have jumped trustfully onto it

tommaso@tommylap:~$ find /etc/apparmor.d/ | wc -l
202

where, among others, we can see Firefox, Telepathy, rsyslogd, libvirtd, cupsd, snapd, evince, dhclient, with some profiles. So, Gentoo adds up to the RPM-based distros that also don't come with AppArmor ready (e.g., betting more on SELinux).
Reading through the threads about hardening lyx my thoughts are:
- AppArmor will likely be a PITA for proper lyx installing and cause a maintenance burden not worth the feature-added value. We could bundle it, but better not to ask for it as a requirement.
the Ubuntu (or other) .deb might come with the profile installed in /etc, but whether it will be used depends on whether or not AppArmor is up & running or disabled etc... Other distros might do otherwise.
- confirmation dialogs tend to be overlooked by users so while I am not against having it, one click away from potential disaster does not seem to be enough.
right.
- we could add a pref setting combo like "never run/run after confirmation/never ask", and the 2nd option could be your dialog, which allows switching to "never ask" for a given document (or global?). Any install will have default "never run" and require that the user goes to prefs and consciously does something about unhardening lyx.
sure, that can be a 2nd option, the one to "never run" that has to be explicitly unchecked in the prefs. Although, I'm not sure about enabling it by default, could become a usability issue in the transition phase, when users will see things not working any more.

Thanks,

T.