Security flaw in Ubuntu login screen could let anyone access your files (OMG! Ubuntu!)
Posted May 16, 2017 18:31 UTC (Tue) by tyhicks (subscriber, #39069)
In reply to: Security flaw in Ubuntu login screen could let anyone access your files (OMG! Ubuntu!) by ledow
Parent article: Security flaw in Ubuntu login screen could let anyone access your files (OMG! Ubuntu!)
Before 16.10, upstart was happy to let LightDM be fully in charge of spawning processes for the guest session and AppArmor confinement was automatically set up when the /usr/lib/lightdm/lightdm-guest-session binary was executed.
When user sessions moved under systemd in 16.10, some of the processes for the guest session were spawned by systemd and some continued to be spawned by LightDM. The processes spawned by LightDM were confined but the processes spawned by systemd weren't confined because they weren't configured to be confined. It was an oversight that nobody caught. I only noticed when walking through the test plan for uploading a new apparmor package to Ubuntu.
As for AppArmor confinement of an "ordinary user", it is possible today with pam_apparmor and there are users that do it in production environments. However, there aren't a lot of users that use it and it isn't quite as polished as it should be.
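
The gap described in the comment above (a session where some processes carry the guest profile and others run unconfined) can be audited from `/proc/<pid>/attr/current`. The following is an added example, not part of the original comment and not Ubuntu's or AppArmor's own tooling; the guest UID 999, the PIDs and the process names in the sample tree are constructed, and the function names are hypothetical.

```python
import os, tempfile

def parse_label(raw):
    """Split '/path/profile (enforce)' into (profile, mode); 'unconfined' has no mode."""
    raw = raw.strip()
    if raw.endswith(")") and " (" in raw:
        return tuple(raw[:-1].rsplit(" (", 1))
    return raw, None

def session_confinement(uid, proc_root="/proc"):
    """Return {pid: (comm, profile, mode)} for every process whose real UID is uid."""
    found = {}
    for entry in filter(str.isdigit, os.listdir(proc_root)):
        base = os.path.join(proc_root, entry)
        try:
            with open(os.path.join(base, "status")) as f:
                status = dict(l.rstrip("\n").split(":\t", 1) for l in f if ":\t" in l)
            if int(status["Uid"].split()[0]) != uid:
                continue
        except (OSError, KeyError, ValueError):
            continue  # process exited while we were scanning
        try:
            with open(os.path.join(base, "attr", "current")) as f:
                profile, mode = parse_label(f.read())
        except OSError:
            profile, mode = "unknown", None  # unreadable label: do not assume confined
        found[int(entry)] = (status.get("Name", "?"), profile, mode)
    return found

def not_enforced(uid, proc_root="/proc"):
    """PIDs owned by uid that are unconfined, in complain mode, or unreadable."""
    return sorted(p for p, v in session_confinement(uid, proc_root).items() if v[2] != "enforce")

def build_sample_proc(root):
    """Constructed data: a fake /proc holding a mixed guest session (UID 999)."""
    sample = {101: ("lightdm-session", 999, "/usr/lib/lightdm/lightdm-guest-session (enforce)\n"),
              102: ("systemd", 999, "unconfined\n"),          # spawned outside the profile
              103: ("gnome-terminal-", 999, "unconfined\n"),  # inherits no confinement
              104: ("bash", 1000, "unconfined\n")}            # other user, out of scope
    for pid, (name, uid, label) in sample.items():
        os.makedirs(os.path.join(root, str(pid), "attr"))
        with open(os.path.join(root, str(pid), "status"), "w") as f:
            f.write(f"Name:\t{name}\nUid:\t{uid}\t{uid}\t{uid}\t{uid}\n")
        with open(os.path.join(root, str(pid), "attr", "current"), "w") as f:
            f.write(label)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_proc(root)
        print(not_enforced(999, root))
```

On a live system, call `not_enforced(<guest uid>)` with the default `proc_root`; reading other users' `attr/current` generally requires root, which is why unreadable labels are reported rather than skipped.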
