flatpak: Treat access to Pipewire runtime dir as unsandboxed device access

Pipewire does not treat its clients as untrusted, so any app which has read or write access to Pipewire has access to all the devices and screen contents that Pipewire does (potentially).

Eventually a portal will be available for controlling access to Pipewire functionality, but for the moment apps are requesting permissions like --filesystem=xdg-run/pipewire-0, which gives them quite a lot of power.

Represent that as unfettered device access in gnome-software’s permissions view for now. We can’t do any more than that on stable branches as they are in UI and string freeze. In the next major version of gnome-software we can add more detailed permissions for Pipewire.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #2329

Closes #2329
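The classification this change describes, as an added example that is not code from this merge request or from gnome-software: parse a flatpak `metadata` keyfile and fold any `filesystems=` entry that grants the Pipewire runtime socket into the app's device access, the same way the permissions view now reports it. The metadata text is constructed, and the handling of `!`-prefixed (nofilesystem) entries is an assumption about the keyfile format.

```python
import configparser

# Constructed sample flatpak metadata (GKeyFile format); not taken from any real app.
SAMPLE_METADATA = """\
[Application]
name=org.example.Recorder
runtime=org.gnome.Platform/x86_64/45

[Context]
shared=network;ipc;
sockets=wayland;pulseaudio;
devices=dri;
filesystems=xdg-run/pipewire-0;xdg-download:ro;
"""

# Runtime-dir paths that expose the Pipewire socket to the sandbox.
PIPEWIRE_RUNTIME_PATHS = {"xdg-run/pipewire-0"}


def parse_context(metadata_text):
    """Return the [Context] lists (shared, sockets, devices, filesystems)."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.optionxform = str  # keep key case as written
    cp.read_string(metadata_text)
    ctx = cp["Context"] if cp.has_section("Context") else {}

    def split(key):
        return [v for v in ctx.get(key, "").split(";") if v]

    return {k: split(k) for k in ("shared", "sockets", "devices", "filesystems")}


def grants_pipewire_access(filesystems):
    """True if any filesystem entry exposes the Pipewire socket.

    Read-only (:ro) still counts: the commit treats any read or write access
    to the socket as full access. A leading '!' is assumed to mean the path
    was explicitly denied (--nofilesystem), so it does not grant anything.
    """
    for entry in filesystems:
        if entry.startswith("!"):
            continue
        path, _, _mode = entry.partition(":")
        if path in PIPEWIRE_RUNTIME_PATHS:
            return True
    return False


def effective_device_access(context):
    """devices= plus 'all' when Pipewire is reachable, as the permissions view shows it."""
    devices = set(context["devices"])
    if grants_pipewire_access(context["filesystems"]):
        devices.add("all")
    return devices
```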