[sane-devel] Sandboxing scanner applications
hadess at hadess.net
Sat Sep 19 09:57:49 BST 2020
On Sat, 2020-09-19 at 00:24 -0700, Perry Hutchison wrote:
> [Cc's dropped, because mailman complained of too many recipients]
> Bastien Nocera <hadess at hadess.net> wrote:
> > ... using the "net" driver. It still requires punching a hole
> > in the sandbox which shouldn't be necessary.
> Why is punching a hole for network::localhost -- allowing access
> (via network) only to localhost,
That's not actually possible without using net namespaces which aren't
accessible by normal users.
And your loopback interface still contains loads of services with
potential security issues and private data, so even if just loopback
access was possible, it still wouldn't be a good fit security or
> and not to any other host -- so
> much worse than punching a hole for D-bus?
D-Bus traffic is filtered, and we can select which services the
application has access to. By default, only portals are accessible,
nothing else, greatly reducing potential security and privacy issues.
More information about the sane-devel