Couldn't you map all those to xdg-open and then sandbox that?

Please explain how I would do this?

If you run xdg-open on a file it will open it with whatever the default app is (according to gconf). If you sandbox xdg-open you'll only have to do it once instead of for each file type.

(I think)

Well, I don't want to sandbox every app. I want the user to be able to run Firefox outside of the sandbox. I just want the content that it downloads to be run within the sandbox, so it cannot get the "filter" programs to do evil.

BTW, the content is still downloaded and available on the user's disk to run with the filters external to the sandbox.

Now if you are saying that Firefox running xdg-open could somehow be hacked to run helper apps with the sandbox, that might be interesting, same with Thunderbird or any other web browser or mail reader that launches helpers on downloaded data.

That's precisely the point

That's precisely what he is saying. Instead of "sandbox acroread", "sandbox openoffice", "sandbox whatever" you create a single "sandbox xdg-open" script and it will run the (sandboxed) default application for the relevant content type.

Because of the way Firefox sets up these things, this is less attractive than it seems, because you will need to set up separate sandbox commands for many hard-coded (or at least default-installed) content types. Perhaps the list of "known" content types could be pruned so you only need one instance of the sandbox command.

See also http://portland.freedesktop.org/xdg-utils-1.0/xdg-open.html

xdg-open exits immediately, which causes the sandbox a problem

Sandbox will exit when the app it is running exits.

Is there a way to get xdg-open to not exit but wait for the app that it is starting to exit?
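
An added sketch, not written by any poster in this thread: one way around xdg-open returning immediately is to resolve the default handler yourself and run it in the foreground under the sandbox command. It assumes `xdg-mime` is installed and that the `sandbox` command named above takes the program and its arguments; `find_desktop`, `handler_argv` and `open_sandboxed` are hypothetical names, and `Exec=` is split on whitespace only (no quoting support).

```sh
#!/bin/sh
# Added example: resolve the default handler and keep it in the foreground.

find_desktop() {  # $1 = desktop file id, as printed by `xdg-mime query default`
    for dir in "${XDG_DATA_HOME:-$HOME/.local/share}" /usr/local/share /usr/share; do
        [ -f "$dir/applications/$1" ] && { printf '%s\n' "$dir/applications/$1"; return 0; }
    done
    return 1
}

handler_argv() {  # $1 = .desktop file, $2 = file to open; prints one argument per line
    # The file name travels through the environment so awk never interprets it.
    TARGET="$2" awk '
        /^\[/ { in_entry = ($0 == "[Desktop Entry]") }
        in_entry && /^Exec=/ {
            sub(/^Exec=/, "")
            n = split($0, w, /[ \t]+/)
            for (i = 1; i <= n; i++) {
                if (w[i] ~ /^%[fFuU]$/) print ENVIRON["TARGET"]    # file/URL field codes
                else if (w[i] != "" && w[i] !~ /^%[a-zA-Z]$/) print w[i]
            }
            exit
        }' "$1"
}

open_sandboxed() {  # $1 = downloaded file
    target=$1
    mime=$(xdg-mime query filetype "$target") || return 1
    id=$(xdg-mime query default "$mime")
    [ -n "$id" ] || { echo "no default handler for $mime" >&2; return 1; }
    desktop=$(find_desktop "$id") || return 1
    # Rebuild argv without eval, so the file name is never parsed as shell code.
    set --
    while IFS= read -r arg; do
        [ -z "$arg" ] || set -- "$@" "$arg"
    done <<EOF
$(handler_argv "$desktop" "$target")
EOF
    [ "$#" -gt 0 ] || return 1
    # Assumption: sandbox options are omitted here; sandbox runs the handler
    # as its direct child, so this call returns only when the handler exits.
    sandbox "$@"
}

[ "$#" -eq 0 ] || open_sandboxed "$1"
```

A handler that hands the file to an already running instance and exits will still return early, and file names containing newlines are not supported by the line-based argument passing.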
