Under Ubuntu 22.04, AppArmor is active by default and configured to check all file accesses of Firefox and LibreOffice. Firefox is packaged as a “snap”. When I look which file accesses AppArmor rejected, I get this list:
# grep audit /var/log/kern.log | grep DENIED | fgrep snap.firefox.firefox
| grep 'operation="open"' | sed -e 's/.*name="([^"]*)".*/1/' | sort -u
/etc/fstab
/home/bruno/.bash_history
/home/bruno/.gtkrc-2.0
/home/bruno/.lesshst
/home/bruno/.python_history
/home/bruno/.python_history-36761.tmp
/home/bruno/.viminfo
/home/bruno/.viminfo.tmp
/home/bruno/.xsession-errors
/run/mount/utab
Why is Firefox trying to access my .viminfo
, .bash_history
, .python_history
, and .lesshst
files? These files contain most private information about my habits.
I can understand the attempts to access to .gtkrc-2.0
(Gtk configuration) and .xsession-errors
(Xorg errors).
I have checked the Firefox plugins and addons: only trustable ones.