[sane-devel] Sandboxing scanner applications

Till Kamppeter till.kamppeter at gmail.com
Fri Sep 18 19:41:28 BST 2020


On 18/09/2020 17:44, Bastien Nocera wrote:
>> Neither me nor Till seems to be familiar with Flatpak, so I would
>> appreciate if you provide a bit more detailed explanation of how the
>> things
>> are expected to work.
> 
> This isn't so much about Flatpak, but about portals that Snap also uses
> to implement sandboxing, even if the majority of Snaps don't implement
> any kind of sandboxing (AFAIK).
> 

Do you mean with this "majority of Snaps" the classic Snaps? This is a 
type of Snaps which is less restricted and interacts more with the 
system. Not really recommended. The full sandboxing you get with fully 
restricted standard Snaps. My CUPS Snap 
(https://github.com/OpenPrinting/cups-snap) is one of these and is 
designed for communicating with clients (apps which print or which 
configure the print environment) and Printer Applications (drivers as 
IPP-printer-emulating daemon) both in fully restricted Snaps by 
themselves. So one could get an all-Snap OS distribution with snapped 
applications, snapped CUPS, and snapped printer drivers. Implementation 
of the needed system interfaces in snapd is currently ongoing. See the 
links in my monthly news posts on https://openprinting.github.io/news/.

> A portal is a D-Bus service running outside the sandbox offering
> services to the sandbox application, such as file chooser, printing,
> screenshots, localisation, etc. Sandboxed applications call a well-
> known D-Bus service, and wait for an answer. The D-Bus service asks the
> user about the resource to be shared, gives it back to the application.
> 
> The application doesn't need network access to access a remote printer,
> for example, as the D-Bus service outside the sandbox is the one
> contacting the printer. Ditto for files access, etc.
> 

So communication of a flatpaked application is D-Bus only?

Does it also mean that only user applications (like LibreOffice, 
Firefox, Darktable, ...) will get flatpaked? And system components (like 
CUPS, network-manager, ...) will not get sandboxed in Flatpak packages?

Snap allows all-Snap OS distributions.

    Till


