[sane-devel] Sandboxing scanner applications

Alexander Pevzner pzz at apevzner.com
Fri Sep 18 20:08:28 BST 2020

On 9/18/20 8:08 PM, Bastien Nocera wrote:
> Firefox already supports using GtkPrintOperation to print using the
> portal, look for nsFlatpakPrintPortal:
> https://searchfox.org/mozilla-central/source/widget/gtk/nsPrintDialogGTK.cpp#570

I didn't know, thanks for explanation.

> The print portal is not as powerful as talking directly to CUPS to
> print, but it's better than having all the apps be on the network just
> to be able to print something.

D-Bus is, essentially, messaging over AF_UNIX socket.

IPP can work over AF_UNIX socket, though using TCP socket is more 
convenient, because allows to reuse existent Avahi infrastructure for 
printers/servers discovery (even within a single machine, over loopback).

And as for me, there is no a lot of conceptual difference between 
AF_UNIX and loopback communication.

> But sane _drivers_ aren't sandboxed. The application using the hardware
> driver is.

OK, I probably was more concerned about sandboxing of sane drivers, so 
misinterpreted your initial question.

Anyway, whatever we want to do solves both problems.

> So, will it be possible to use IPP scan without using IP, preferably
> over D-Bus, so it can be filtered, and authorised, using the existing
> portal mechanisms?

To make scanning over D-Bus possible, somebody needs to implement SANE 
driver (backend) that can communicate with portal, and portal itself (a 
kind of scan server, that responds to D-Bus requests and uses SANE 
drivers to perform actual scanning). AFAIK, currently nobody works on 
something like this.


	Wishes, Alexander Pevzner (pzz at apevzner.com)

More information about the sane-devel mailing list