Roger Shimizu · Roger Shimizu · df0873bb · df0873bb · df0873bb · df0873bb
--- a/debian/changelog
+++ b/debian/changelog
+torbrowser-launcher (0.2.9-5) UNRELEASED; urgency=medium
+
+  * debian/source/lintian-overrides:
+    - Rename from debian/source.lintian-overrides
+  * debian/control:
+    - Rename tag X-Python-Version to XS-Python-Version.
+  * debian/patches:
+    - Cherry-pick three upstream commits to fix appamor profile for
+      Web Content process (Closes: #908463).
+
+ -- Roger Shimizu <rosh@debian.org>  Mon, 10 Sep 2018 00:22:29 +0900
+
 torbrowser-launcher (0.2.9-4) unstable; urgency=medium

  [ Ulrike Uhlig ]

--- a/debian/control
+++ b/debian/control
@@ -10,7 +10,7 @@ Build-Depends:
 help2man,
 lsb-release,
 python-all (>= 2.7.3-4)
-X-Python-Version: >= 2.7
+XS-Python-Version: >= 2.7
 Standards-Version: 3.9.8
 Homepage: https://micahflee.com/torbrowser-launcher/
 Vcs-Git: https://salsa.debian.org/pkg-privacy-team/torbrowser-launcher.git

--- a/debian/patches/0019-AppArmor-confine-Firefox-60-Web-Content-processes-un.patch
+++ b/debian/patches/0019-AppArmor-confine-Firefox-60-Web-Content-processes-un.patch
+From: intrigeri <intrigeri@boum.org>
+Date: Mon, 10 Sep 2018 07:55:18 +0000
+Subject: AppArmor: confine Firefox 60 "Web Content" processes under the
+ torbrowser_plugin_container AppArmor profile.
+
+(cherry picked from commit 678d083491ceba5201d96b514173890944928540)
+---
+ apparmor/torbrowser.Browser.firefox          | 4 +++-
+ apparmor/torbrowser.Browser.plugin-container | 5 ++++-
+ 2 files changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/apparmor/torbrowser.Browser.firefox b/apparmor/torbrowser.Browser.firefox
+index 69354d1..9f269e1 100644
+--- a/apparmor/torbrowser.Browser.firefox
+++ b/apparmor/torbrowser.Browser.firefox
+@@ -54,7 +54,6 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+   owner @{torbrowser_home_dir}/components/*.so mr,
+   owner @{torbrowser_home_dir}/browser/components/*.so mr,
+   owner @{torbrowser_home_dir}/firefox rix,
+-  owner @{torbrowser_home_dir}/plugin-container px -> torbrowser_plugin_container,
+   owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/[0-9]*/updater ix,
+   owner @{torbrowser_home_dir}/{,TorBrowser/UpdateInfo/}updates/0/MozUpdater/bgupdate/updater ix,
+   owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profiles.ini r,
+@@ -64,6 +63,9 @@ profile torbrowser_firefox @{torbrowser_firefox_executable} {
+   owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so mr,
+   owner @{torbrowser_home_dir}/TorBrowser/Tor/*.so.* mr,
+ 
+  # Web Content processes
+  owner @{torbrowser_firefox_executable} px -> torbrowser_plugin_container,
+
+   /etc/mailcap r,
+   /etc/mime.types r,
+ 
+diff --git a/apparmor/torbrowser.Browser.plugin-container b/apparmor/torbrowser.Browser.plugin-container
+index fe95fdb..c1c4ccb 100644
+--- a/apparmor/torbrowser.Browser.plugin-container
+++ b/apparmor/torbrowser.Browser.plugin-container
+@@ -1,6 +1,8 @@
+ #include <tunables/global>
+ #include <tunables/torbrowser>
+ 
+@{torbrowser_firefox_executable} = /home/*/.local/share/torbrowser/tbb/{i686,x86_64}/tor-browser_*/Browser/firefox.real
+
+ profile torbrowser_plugin_container {
+   #include <abstractions/gnome>
+ 
+@@ -52,7 +54,6 @@ profile torbrowser_plugin_container {
+   owner @{torbrowser_home_dir}/fonts/   r,
+   owner @{torbrowser_home_dir}/fonts/** r,
+   owner @{torbrowser_home_dir}/omni.ja r,
+-  owner @{torbrowser_home_dir}/plugin-container ixmr,
+   owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/extensions/*.xpi r,
+   owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/tmp/* rw,
+   owner @{torbrowser_home_dir}/TorBrowser/Data/fontconfig/fonts.conf r,
+@@ -62,6 +63,8 @@ profile torbrowser_plugin_container {
+   owner @{torbrowser_home_dir}/Downloads/ rwk,
+   owner @{torbrowser_home_dir}/Downloads/** rwk,
+ 
+  owner @{torbrowser_firefox_executable} ixmr -> torbrowser_plugin_container,
+
+   /sys/devices/system/cpu/ r,
+   /sys/devices/system/cpu/present r,
+   /sys/devices/system/node/ r,
--- a/debian/patches/0020-AppArmor-give-Tor-Browser-s-Web-Content-process-some.patch
+++ b/debian/patches/0020-AppArmor-give-Tor-Browser-s-Web-Content-process-some.patch
+From: intrigeri <intrigeri@boum.org>
+Date: Mon, 10 Sep 2018 07:55:36 +0000
+Subject: AppArmor: give Tor Browser's Web Content process some more innocuous
+ access it now needs.
+
+(cherry picked from commit 45265423d7fea40f93a3924146933aa6e94f0d97)
+---
+ apparmor/torbrowser.Browser.plugin-container | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/apparmor/torbrowser.Browser.plugin-container b/apparmor/torbrowser.Browser.plugin-container
+index c1c4ccb..ae2a9ba 100644
+--- a/apparmor/torbrowser.Browser.plugin-container
+++ b/apparmor/torbrowser.Browser.plugin-container
+@@ -34,6 +34,7 @@ profile torbrowser_plugin_container {
+ 
+   /dev/shm/ r,
+ 
+  owner @{PROC}/@{pid}/environ r,
+   owner @{PROC}/@{pid}/fd/ r,
+   owner @{PROC}/@{pid}/mountinfo r,
+   owner @{PROC}/@{pid}/stat r,
+@@ -51,6 +52,7 @@ profile torbrowser_plugin_container {
+   owner @{torbrowser_home_dir}/browser/components/*.so mr,
+   owner @{torbrowser_home_dir}/defaults/pref/     r,
+   owner @{torbrowser_home_dir}/defaults/pref/*.js r,
+  owner @{torbrowser_home_dir}/dependentlibs.list r,
+   owner @{torbrowser_home_dir}/fonts/   r,
+   owner @{torbrowser_home_dir}/fonts/** r,
+   owner @{torbrowser_home_dir}/omni.ja r,
--- a/debian/patches/0021-AppArmor-give-Web-Content-processes-read-access-to-t.patch
+++ b/debian/patches/0021-AppArmor-give-Web-Content-processes-read-access-to-t.patch
+From: intrigeri <intrigeri@boum.org>
+Date: Mon, 10 Sep 2018 09:41:49 +0000
+Subject: AppArmor: give Web Content processes read access to the startup
+ cache, otherwise they fail to load
+
+(cherry picked from commit eb328f2abe7b681c779a6cb7e49657ac93ecd005)
+---
+ apparmor/torbrowser.Browser.plugin-container | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/apparmor/torbrowser.Browser.plugin-container b/apparmor/torbrowser.Browser.plugin-container
+index ae2a9ba..7ec8a00 100644
+--- a/apparmor/torbrowser.Browser.plugin-container
+++ b/apparmor/torbrowser.Browser.plugin-container
+@@ -57,6 +57,7 @@ profile torbrowser_plugin_container {
+   owner @{torbrowser_home_dir}/fonts/** r,
+   owner @{torbrowser_home_dir}/omni.ja r,
+   owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/extensions/*.xpi r,
+  owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/startupCache/* r,
+   owner @{torbrowser_home_dir}/TorBrowser/Data/Browser/profile.default/tmp/* rw,
+   owner @{torbrowser_home_dir}/TorBrowser/Data/fontconfig/fonts.conf r,
+   owner @{torbrowser_home_dir}/TorBrowser/Tor/ r,
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -16,3 +16,6 @@
 0016-Remove-apparmor-local-path-from-setup.py.patch
 0017-AppArmor-allow-Firefox-to-read-usr-share-glib-2.0-sc.patch
 0018-AppArmor-adjust-Firefox-binary-path-for-Tor-Browser-.patch
+0019-AppArmor-confine-Firefox-60-Web-Content-processes-un.patch
+0020-AppArmor-give-Tor-Browser-s-Web-Content-process-some.patch
+0021-AppArmor-give-Web-Content-processes-read-access-to-t.patch
--- a/debian/source.lintian-overrides
+++ b/debian/source.lintian-overrides
-torbrowser-launcher source: debian-watch-may-check-gpg-signature
--- a/debian/source/lintian-overrides
+++ b/debian/source/lintian-overrides
+torbrowser-launcher source: debian-watch-does-not-check-gpg-signature