[Pkg-anonymity-tools] [torbrowser-launcher] 21/43: AppArmor: allow Firefox to learn how many CPU cores are present.
Ulrike Uhlig
u-guest at moszumanska.debian.org
Tue Sep 2 07:19:56 UTC 2014
This is an automated email from the git hooks/post-receive script.
u-guest pushed a commit to branch master
in repository torbrowser-launcher.
commit 7e604b6d1b2489cfd3b1f4b818bbfdad6674692d
Author: intrigeri <intrigeri at boum.org>
Date: Thu Aug 14 17:02:50 2014 +0000
AppArmor: allow Firefox to learn how many CPU cores are present.

This was added in commits ace00d646 and a3908af8 already. Then, commit 04b24660
made the opposite change for reasons that are unknown to me.

Firefox can optimize things a bit depending on this information, which does not
seem terribly critical, and can probably be gathered by other means anyway,
given the current profile.

In the Firefox source code, this file is used in the PR_GetNumberOfProcessors
function, that itself is used e.g. in image/src/RasterImage.cpp to make use of
all available CPUs. Now, if someone shows that this information is leaked
on the network, and cannot be retrieved by other means given the same threat
model, then possibly it'll make sense to block this access... or to suggest
to the Tor Browser people to patch it out and always use one core only,
which would solve the (potential) problem also for people not using AppArmor.
---
apparmor/torbrowser.Browser.firefox | 2 ++
1 file changed, 2 insertions(+)
diff --git a/apparmor/torbrowser.Browser.firefox b/apparmor/torbrowser.Browser.firefox
index 8fe8cbb..0f02e33 100644
--- a/apparmor/torbrowser.Browser.firefox
+++ b/apparmor/torbrowser.Browser.firefox
@@ -64,6 +64,8 @@
/usr/share/gnome/applications/kde4/ r,
/usr/share/poppler/cMap/ r,
+ /sys/devices/system/cpu/ r,
+ /sys/devices/system/cpu/present r,
# Should use abstractions/gstreamer instead once merged upstream
/etc/udev/udev.conf r,
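Review bot: The two added `/sys/devices/system/cpu/` rules carry no comment saying why the profile grants them, and the commit message notes that this access was already added twice and removed once for unknown reasons, so the rationale should live next to the rules. A one-line comment above them, for example `# Lets Firefox count CPU cores (PR_GetNumberOfProcessors)`, would record the intent in the profile itself. The commit message names only the `present` file as what Firefox reads, so it is also worth confirming that the directory rule `/sys/devices/system/cpu/ r,` is actually required; if it is not, dropping it limits the grant to the single file.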
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/torbrowser-launcher.git