Commit e352db1a authored by Debarshi Ray

flatpak: Sandbox GSettings use by dropping the dconf permissions

Since GLib 2.60.x, GSettings' keyfile backend is capable enough to be
the default backend for Flatpak applications. If a Flatpak doesn't
have the necessary permissions to access dconf, GSettings will
automatically switch to using the keyfile backend.

This is good because dconf isn't suited for sandboxing. It uses a
single database shared across all applications - they are free to read
and write anything, and settings are left behind even after an
application has been uninstalled. This leaves plenty of room for
mischief and accidents. In comparison, the keyfile backend uses a
separate isolated file for each Flatpak that's removed when the
application is uninstalled.

!122
parent 30d43499
Pipeline #165271 passed with stages in 11 minutes and 25 seconds
......@@ -7,18 +7,15 @@
"tags": [ "nightly" ],
"desktop-file-name-prefix": "(Nightly) ",
"finish-args": [
"--env=DCONF_USER_CONFIG_DIR=.config/dconf",
"--env=TRACKER_SPARQL_BACKEND=bus",
"--filesystem=~/.config/dconf:ro",
"--filesystem=xdg-download",
"--filesystem=xdg-pictures",
"--filesystem=xdg-run/dconf",
"--metadata=X-DConf=migrate-path=/org/gnome/photos/",
"--share=ipc",
"--share=network",
"--socket=fallback-x11",
"--socket=wayland",
"--socket=x11",
"--talk-name=ca.desrt.dconf",
"--talk-name=org.freedesktop.FileManager1",
"--talk-name=org.freedesktop.Tracker1",
"--talk-name=org.freedesktop.Tracker1.Miner.Extract",
......
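Review bot: the `--metadata=X-DConf=migrate-path=/org/gnome/photos/` entry in "finish-args" is not explained anywhere in the commit message, which only describes dropping the dconf permissions. Please state what it is for and confirm that the path matches the application's GSettings schema path, since existing users' settings depend on it. The dconf-related entries in the same list (`--env=DCONF_USER_CONFIG_DIR=.config/dconf`, `--filesystem=~/.config/dconf:ro`, `--filesystem=xdg-run/dconf`, `--talk-name=ca.desrt.dconf`) should all go in this one change, so that neither read access to the shared database file nor the dconf writer service stays reachable from the sandbox. Because the message depends on GLib 2.60.x behaviour, it would also help to record the minimum runtime version this manifest is expected to build against.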