Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Expose sandbox properties via IPC JSON, criteria, title format #8521

Merged
merged 5 commits into from
Jan 13, 2025
Merged

Expose sandbox properties via IPC JSON, criteria, title format #8521

merged 5 commits into from
Jan 13, 2025

Conversation

jacobmcnamee
Copy link
Contributor

Rebase and update of #7187.

Add sandbox properties to IPC JSON, criteria, and title format:

  • sandbox_engine
  • sandbox_app_id
  • sandbox_instance_id

These properties may be set by sandbox engines (e.g. flatpak) via the security context protocol: https://wayland.app/protocols/security-context-v1.

Example Usage

Prepend sandbox properties to window title when sandbox engine is set:

for_window [sandbox_engine="."] title_format "[%sandbox_engine/%sandbox_app_id/%sandbox_instance_id] %title"

Testing

Launch an app via flatpak:

flatpak run org.gnome.clocks

Observe JSON layout tree via swaymsg -r -t get_tree:

"name": "Clocks",
"pid": 14309,
"app_id": "org.gnome.clocks",
...
"sandbox_engine": "org.flatpak",
"sandbox_app_id": "org.gnome.clocks",
"sandbox_instance_id": "2307446143",

Observe pretty layout tree via swaymsg -p -t get_tree:

#1: root "root"
  #2147483647: output "__i3"
    #2147483646: workspace "__i3_scratch"
  #3: output "WL-1"
    #4: workspace "1"
      #5: con "Clocks" (xdg_shell, pid: 14309, app_id: "org.gnome.clocks", sandbox_engine: "org.flatpak", sandbox_app_id: "org.gnome.clocks", sandbox_instance_id: "2307446143")

Observe window title when configured as shown above:

[org.flatpak/org.gnome.clocks/2307446143] Clocks

emersion
emersion reviewed Jan 8, 2025
View reviewed changes
sway/desktop/xdg_shell.c Outdated Show resolved Hide resolved
emersion
emersion reviewed Jan 8, 2025
View reviewed changes
sway/sway.5.scd
If the value is \_\_focused\_\_, then the sandbox engine must be the same as
that of the currently focused window.

*sandbox_app_id*
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm kind of wondering whether we should expose this, or whether we should always prefer the sandbox-provided app ID over the one provided by the sandboxed client.

(IIRC GNOME allows org.libreoffice.Writer if the sandbox app ID is org.libreoffice.)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The sandbox app_id is defined to be engine-specific and may have an entirely different meaning.

For example, consider a system container (Docker, LXC, etc.) where the wayland socket / security context is associated with more than one application:

  • sandbox_engine = "org.docker"
  • sandbox_app_id = "my-docker-container-2"
  • app_id = multiple, different per application

I'm not sure even that "Flatpak application ID" is equivalent to app_id (for that specific engine).

See #8521 (comment)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's a good point! Perhaps one could argue that any sandbox engine sending metadata through the security-context protocol is Wayland-aware (because it has to add support for that specific protocol)? Docker/LXC don't support Wayland apps out-of-the-box, so will not provide these app IDs which don't match xdg-shell. However, as you said nothing prevents a sandbox engine from having a completely different scheme for app IDs.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My main point is that there exist use cases where a single wayland socket / security context must support multiple arbitrary applications, making it impossible to set sandbox_app_id (a single value for the security context and all associated views) in a way which is compatible with app_id (potentially different per view).

For example, a system-level container (e.g. docker run 'my-ubuntu-container-3') could start a terminal, browser, and media player via a single wayland socket / security context.

Flatpak (and other application-level container tools) are a special case where only one application is expected to be associated with a given security context (but again, I'm not sure that's completely accurate).

Copy link
Member

@emersion emersion Jan 13, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

System-level containers are less secure than per-app containers, because granted permissions apply to the whole container. That is, if a sandboxed app obtains a permission, all other apps in the container can abuse it.

But yeah, indeed, we don't want to prevent one from running containers with multiple apps in it.

emersion
emersion reviewed Jan 8, 2025
View reviewed changes
Copy link
Member

@emersion emersion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On the whole this looks good to me, added a few comments!

(Thanks for rebasing on top of my criteria changes!)

@jacobmcnamee
Copy link
Contributor Author

jacobmcnamee commented Jan 12, 2025
edited
Loading

I was curious how other compositors are using and/or exposing security context metadata and did some research.

Naming Convention

  • I think sandbox_ is reasonable because restrictions imposed on a client by the compositor are trivially defeated unless the client is sandboxed (via Flatpak, Docker, LXC, etc.)
  • I have found little to no conflicting precedent (see research below)

Metadata Usage

Research Summary

  • Most compositors restrict protocol access for clients with a security context
  • Most compositors never use security context metadata (sandbox_engine, app_id, instance_id) directly or expose them externally
  • KWin uses app_id regardless of sandbox_engine for .desktop file lookup (conflicts with spec)
  • Mutter (draft PR) exposes app_id via existing API function meta_window_get_sandboxed_app_id() when sandbox_engine is "flatpak" (respects spec / engines.md)
  • PipeWire suggests setting analogous security context properties on objects: pipewire.sec.engine, pipewire.sec.app-id, pipewire.sec.instance-id
Notes and References

COSMIC

Hyprland

Jay

KWin

mutter

niri

PipeWire

emersion
emersion approved these changes Jan 12, 2025
View reviewed changes
Copy link
Member

@emersion emersion left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for doing the research!

This LGTM, will wait for a bit before merging just in case somebody else has objections.

@emersion emersion merged commit 0b08dce into swaywm:master Jan 13, 2025
3 checks passed
@emersion
Copy link
Member

Thanks!

@emersion emersion mentioned this pull request Jan 19, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emersion emersion emersion approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jacobmcnamee @emersion @puckipedia