Comment 8 for bug 447292

For those users hitting this issue, I'd like to stress that the security benefits of using an AppArmor profile for evince are very high, especially when considering the problems seen with the PDF and image libraries. poppler, the PDF library used by evince, has had no fewer than 19 different security vulnerabilities in the last year, some of which can lead to arbitrary code execution. The AppArmor profile in Ubuntu 9.10 turns these vulnerabilities from potential situations where an attacker can run code on your computer into a simple application crash (at worst). For the vast majority of Ubuntu users, they will realize this security benefit without knowing AppArmor is protecting them.

The release notes for Ubuntu 9.10 discuss having to adjust tunables manually when you have a different location for your home directory (see http://www.ubuntu.com/getubuntu/releasenotes/910). This said, the current situation is suboptimal and it is a very high priority to improve this in Ubuntu 10.04.