From 49d627d740edfeb6c3d63022335e7a7e8565305d Mon Sep 17 00:00:00 2001 From: Rahul Sandhu Date: Mon, 10 Nov 2025 13:02:40 +0000 Subject: [PATCH] update: screencopy documentation in Linux Overview (#3144) Even on Gnome, a single dbus call allows applications outside of sandboxes to overwrite their permissions in the portal permission store. A sandbox that is supported by portals for identifying apps is also required: otherwise, a malicious app could trivially spoof a name on the bus. Currently, only Flatpak and Snap are subclasses of the XdpAppInfo class, required for xdg-desktop-portal to be able to identify a client. Privileged Wayland protocols are also not an issue. KDE's kwin requires that applications have an entry in a system-installed desktop file[1], meaning that random crap can't simply capture the screen, and Flatpak supports the security-context-v1 protocol, which is used to filter access to these privileged protocols[2]. An example of the dbus call for Gnome: dbus-send --session --print-reply=literal --dest=org.freedesktop.impl.portal.PermissionStore /org/freedesktop/impl/portal/PermissionStore org.freedesktop.impl.portal.PermissionStore.SetPermission string:'screenshot' boolean:true string:'screenshot' string:'' array:string:'yes' [1] https://github.com/KDE/kwin/blob/master/src/wayland_server.cpp#L129-L134 [2] https://github.com/flatpak/flatpak/commit/f0e626a4b60439f211f06d35df74b675a9ef42f4 Signed-off-by: redoomed1 Signed-off-by: Daniel Nathan Gray --- docs/os/linux-overview.md | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/docs/os/linux-overview.md b/docs/os/linux-overview.md index 026511b8..1059ecd7 100644 --- a/docs/os/linux-overview.md +++ b/docs/os/linux-overview.md @@ -118,19 +118,9 @@ Additionally, some distributions will not download firmware updates automaticall ### Permission Controls -Desktop environments (DEs) that support the [Wayland](https://wayland.freedesktop.org) display protocol are [more secure](https://lwn.net/Articles/589147) than those that only support X11. However, not all DEs take full advantage of Wayland's architectural security improvements. +Desktop environments that support the [Wayland](https://wayland.freedesktop.org) display protocol are [more secure](https://lwn.net/Articles/589147) than those that only support X11. Moreover, we *generally* recommend installing and using applications which are sandboxed such as those obtained via **Flatpak**. Flatpak supports the [`security-context-v1`](https://github.com/flatpak/flatpak/pull/4920) protocol and the ability to filter D-Bus protocols, which allow Flatpak to properly identify apps for the purpose of sandboxing them through permission controls.[^1] Conversely, applications outside sandboxes are free to perform privileged actions such as capturing your screen, either by [overwriting the portal permission store](https://invent.kde.org/plasma/xdg-desktop-portal-kde/-/issues/7#note_1112260), or [making use of privileged Wayland protocols](https://github.com/swaywm/sway/pull/7648#issuecomment-2507730794). -For example, GNOME has a notable edge in security compared to other DEs by implementing permission controls for third-party software that tries to [capture your screen](https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/3943). That is, when a third-party application attempts to capture your screen, you are prompted for your permission to share your screen with the app. - -
- ![Screenshot permissions](../assets/img/linux/screenshot_permission.png){ width="450" } -
GNOME's screenshot permission dialog
-
- -Many alternatives don't provide these same permission controls yet,[^1] while some are waiting for Wayland to implement these controls upstream.[^2] - -[^1]: KDE currently has an open proposal to add controls for screen captures: -[^2]: Sway is waiting to add specific security controls until they "know how security as a whole is going to play out" in Wayland: +[^1]: This exposes a reliable way for Wayland compositors to get identifying information about a client. Compositors can then apply security policies if desirable. [https://github.com/flatpak/flatpak/commit/f0e626a4b60439f211f06d35df74b675a9ef42f4](https://github.com/flatpak/flatpak/commit/f0e626a4b60439f211f06d35df74b675a9ef42f4) ## Privacy Tweaks