[sane-devel] Sandboxing scanner applications
Bastien Nocera
hadess at hadess.net
Sat Sep 19 10:25:09 BST 2020
On Sat, 2020-09-19 at 12:13 +0300, Alexander Pevzner wrote:
> On 9/19/20 11:57 AM, Bastien Nocera wrote:
> > D-Bus traffic is filtered, and we can select which services the
> > application has access to. By default, only portals are accessible,
> > nothing else, greatly reducing potential security and privacy
> > issues.
>
> How do you plan to receive scanned images from scanner?
>
> Note, A4 color image at 1200 DPI is slightly less that 1/2 Gb. SANE
> returns image uncompressed, so you probably need 1/2 Gb in scan
> server,
> 1/2 Gb in D-Bus daemon and 1/2 Gb in receiving application.
Sealed memfds, passed via D-Bus, that's 1/2GB in all :)
This is from 2014:
https://lwn.net/Articles/593918/
More information about the sane-devel
mailing list