Closed sebastinas closed 4 months ago
made the issue visible to everyone
On GitLab by @valoq on May 6, 2023, 14:04
@fed What version of zathura are you using on those distros? The zathura packages provided by debian 11 (bullseye) and ubuntu 22.04 are version 0.4.7 and 0.4.9 and the strict sandbox is broken in those versions. You could install the current zathura version 0.5.2 on those distros though. The strict sandbox mode will work fine on both Ubuntu 22.04 and Debian 11 with the current release version of zathura 0.5.2.
On GitLab by @fed on May 10, 2023, 01:31
@valoq Hi, yes I am using the versions you mentioned, the default ones.
I tried the last zathura version on debian 11 and I can say that strict mode works, it gives me Exec is not permitted in strict sanbox mode
and that's ok this is what I was trying to do, block exec on zathura.
I tested it to confirm you that the bug is non present as feedback but I have to say that it requires a lot of libraries to install for compilation and it install a lot of files on /usr/local
, not something that I like to install so I am not going to use it.
Unfortunately for debian there is not an updated package on debian backports... I don't think that you are one of the developers that build the package on debian, maybe I have to contact them.
Thanks for the infos.
On GitLab by @valoq on May 13, 2023, 21:36
@fed The easiest solution for you might be to wait until next month when Debian Bookworm will be released. The zathura version in Bookworm is already the most recent version 0.5.2
On GitLab by @fed on May 17, 2023, 19:51
I will wait for the next release for the updated package.
I was able to create (I am testing it) an apparmor
profile in the meanwhile to block exec like @sebastinas suggested in irc.
On GitLab by @fed on May 3, 2023, 24:26
Hi,
as discussed on irc with Sebastinas I have problem running zathura with sandbox enabled.
I paste the strace of the execution on ubuntu pc
Thanks for the help