mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2026-05-17 00:51:18 +00:00
49d627d740
Even on Gnome, a single dbus call allows applications outside of sandboxes to overwrite their permissions in the portal permission store.

A sandbox that is supported by portals for identifying apps is also required: otherwise, a malicious app could trivially spoof a name on the bus. Currently, only Flatpak and Snap are subclasses of the XdpAppInfo class, required for xdg-desktop-portal to be able to identify a client.

Privileged Wayland protocols are also not an issue. KDE's kwin requires that applications have an entry in a system-installed desktop file[1], meaning that random crap can't simply capture the screen, and Flatpak supports the security-context-v1 protocol, which is used to filter access to these privileged protocols[2].

An example of the dbus call for Gnome:

    dbus-send --session --print-reply=literal --dest=org.freedesktop.impl.portal.PermissionStore /org/freedesktop/impl/portal/PermissionStore org.freedesktop.impl.portal.PermissionStore.SetPermission string:'screenshot' boolean:true string:'screenshot' string:'' array:string:'yes'

[1] https://github.com/KDE/kwin/blob/master/src/wayland_server.cpp#L129-L134
[2] https://github.com/flatpak/flatpak/commit/f0e626a4b60439f211f06d35df74b675a9ef42f4

Signed-off-by: redoomed1 <redoomed1@privacyguides.org>
Signed-off-by: Daniel Nathan Gray <dngray@privacyguides.org>