mirror of
https://github.com/privacyguides/privacyguides.org.git
synced 2025-11-13 01:32:40 +00:00
49d627d740
Even on Gnome, a single dbus call allows applications outside of
sandboxes to overwrite their permissions in the portal permission
store. A sandbox that is supported by portals for identifying apps is
also required: otherwise, a malicious app could trivially spoof a name
on the bus. Currently, only Flatpak and Snap are subclasses of the
XdpAppInfo class, required for xdg-desktop-portal to be able to
identify a client.
Privileged Wayland protocols are also not an issue. KDE's kwin requires
that applications have an entry in a system-installed desktop file[1],
meaning that random crap can't simply capture the screen, and Flatpak
supports the security-context-v1 protocol, which is used to filter
access to these privileged protocols[2].
An example of the dbus call for Gnome:
dbus-send --session --print-reply=literal --dest=org.freedesktop.impl.portal.PermissionStore /org/freedesktop/impl/portal/PermissionStore org.freedesktop.impl.portal.PermissionStore.SetPermission string:'screenshot' boolean:true string:'screenshot' string:'' array:string:'yes'
[1] https://github.com/KDE/kwin/blob/master/src/wayland_server.cpp#L129-L134
[2] f0e626a4b6
Signed-off-by: redoomed1 <redoomed1@privacyguides.org>
Signed-off-by: Daniel Nathan Gray <dngray@privacyguides.org>