Use unix sockets instead of abstract sockets (!51) · Merge requests · GNOME / at-spi2-core

Tianon Gravi requested to merge tianon/at-spi2-core:abstract-socket into master Dec 24, 2020

Quoting @mcatanzaro (from #28 (comment 992076), because it's a much better summary than mine 😇 ❤):

Secure host services must not use abstract sockets.

If your sandboxed application uses --share=net to access the host network namespace, which is required for internet access, then it gets access to all the host's abstract sockets as well. Loads of sandboxed applications necessarily have to use --share=net.

If your sandboxed application does not use --share=net, it cannot access any host abstract sockets.

Fixes #28 (closed)

As I noted in #28 (closed), I've tested this on my Debian Bullseye system and it does correctly switch the daemon from listening on an abstract socket to listening on a unix socket (in /tmp/dbus-XXXX), but I'm not actually sure how to test that it's working properly because I'm unfortunately not very familiar with the accessibility daemon (or actually dbus, for that matter 😇). I'm happy to do more testing/verification with a little guidance, though!

I'm also happy to rebase, amend, discuss, adjust, close, defer, etc as desired! 👍

Use unix sockets instead of abstract sockets

Merge request reports