Today's #Linux pita: I generated a PDF file which links to local MP4 files. So clicking links in the PDF viewer (evince) should open a video player.. and play them. According to my "research" #AppArmor seems to be blocking this. Never heard about it before. Tried to add /usr/bin/totem as a line /usr/bin/totem ixr, to /etc/apparmor.d/usr.bin.evince.. but this breaks it: profile /usr/bin/evince: has merged rule /usr/bin/totem with conflicting x modifiers- Why? Can anyone help here please?
=> More informations about this toot | More toots from maehw@chaos.social
@maehw the correct way to handle this would be to allow the pdf viewer to launch applications through a standard desktop launcher interface and let those applications be confined or not depending on the system but this does require applications to change.
Having said that, I think the age where a random PDF document can link to an arbitrary application has passed through Windows XP era and was fairly spectacular disaster in terms of security.
Sadly we are in the early stages of this transition
=> More informations about this toot | More toots from zygoon@fosstodon.org
@zygoon Thanks for your reply. I guess I get the basic idea why this has been done: to improve users' security. Do I get it right - there's no easy way to add exceptions for specific media/URIs? Doesn't seem very user-friendly.. but I guess that's out of scope for the "normal user" then as well.
=> More informations about this toot | More toots from maehw@chaos.social This content has been proxied by September (3851b).Proxy Information
text/gemini