New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Permission to read system processes? Will it ever be added? #3922
Comments
If so, I think it'd also make sense to allow an application to track which window has focus, for sandboxing things like a time-tracking app. (I proposed this before somewhere but it was shot down as "grant once, then remember permissions doesn't have the right security dynamics for a portal"... something I now know to be a double-standard, given that I'm still trying to figure out how to forcibly revoke all persistent Open/Save grants for the Documents portal when an application exits.) |
Any thoughts on this? I would really like to see OP's example addressed. |
It is unlikely that unmodified applications are ever going to be able to read a list of system processes from The reason apps like Discord cannot see system processes in We cannot (generally) stay in the same pidns as the rest of the system, because the new pidns is part of how we sandbox apps. Apps with the same user ID in the same pidns can send each other A portal to list system processes in a way that is not "read them from |
@smcv If private |
Well when I go to the game activity section on Discord to manually add a process as a status it lists my browser Microsoft Edge? How does it see that? |
I don't know. Maybe it's listing X11 windows, rather than processes? If you run some 1980s X11 application like xeyes or xterm, can it see those? |
Another use for a For example, if a user has built and is running their program from Builder, we may be profiling it. Some profiler bits are Being able to Edit I should also note that Builder would only need it on |
OP really only wants to introspect running apps. IMO an API to introspect applications, windows, workspaces as well as allowing apps to change workspaces, stacking order, focus, window positions, etc would be the right move here. Sharing the pidns is something completely different. Maybe open a new issue? |
The real solution is to make the whole sandboxing opt-out and let flatpak also work just as a package distribution tool. |
That'd be harder than it sounds because Flatpak's means of exposing its runtimes to packages is fundamentally based on containerization. For example, aside from a little blacklisting, |
To say, letting this API exist won't weaken security much. If you can execute programs on host (using For example Mission Center in order to read processes spawns an agent on the host and having an D-Bus API for process management (but that is a matter of portals), or share the namespace would be useful for this kind of app, otherwise they will have to do these hacks or they will just not work. of course for this kind of apps having a write access (to send signals) would be useful too. |
I mean all the additional security features of sandboxing. And well the runtime part needs a huge change too. It's insane that a program needs a full runtime even if it just uses a fraction of files from it. When Flatpak ages and we start seeing more and more older not maintained apps anymore then the number of installed runtimes will significantly go up. The runtime needs to just install what it needs. Just treat it like a virtualized non updateable linux distribution. |
For example discord cant detect running games.
The text was updated successfully, but these errors were encountered: