[Portland] File dialog as trusted desktop service
----- Forwarded message from "Bastian, Waldo" <waldo.bastian@...1100...> -----
Date: Mon, 20 Mar 2006 08:26:45 -0800 From: "Bastian, Waldo" <waldo.bastian@...1100...> To: portland@...626... Subject: [Portland] File dialog as trusted desktop service
FYI
Waldo Bastian Linux Client Architect - Channel Platform Solutions Group Intel Corporation - http://www.intel.com/go/linux OSDL DTL Tech Board Chairman
-----Original Message----- From: gtk-devel-list-bounces@...45... [mailto:gtk-devel-list-bounces@...45...] On Behalf Of Mark Seaborn Sent: Saturday, March 18, 2006 9:22 AM To: gtk-devel-list@...45...; gtk-list@...45... Subject: ANNOUNCE: Plash 1.16, with Powerbox for Gtk
Hi folks,
I have released a new version of Plash, which is available from: http://plash.beasts.org
Plash is a system for sandboxing GNU/Linux programs so that they can be run with minimum authority/privileges. Plash can be used with GUI applications: you can dynamically grant a GUI application access rights to individual files that you want to open and edit. This happens transparently through the Open/Save file chooser dialog box.
Plash replaces Gtk's GtkFileChooserDialog so that the file chooser is implemented outside the application in a separate process, as a trusted component. This file chooser is known as a powerbox, because it delegates additional power to the application.
For example, Inkscape can be launched in a sandbox using the following command. Initially it won't have access to anything in your home directory. Choosing a file using File->Open grants Inkscape access to the file, attaching the file into Inkscape's file namespace.
pola-run --prog /usr/bin/inkscape \ -B -fl /etc --x11 \ --env LD_PRELOAD=/usr/lib/plash/lib/powerbox-for-gtk.so \ --powerbox --pet-name "Inkscape"
The main change in this release is a reimplementation of the powerbox/Gtk integration. In the previous version, the replacement GtkFileChooserDialog class inherited only from GtkObject, which caused various problems. The new version inherits from GtkDialog (and hence from GtkWindow, GtkWidget, etc.), just as the ordinary GtkFileChooserDialog does. This works with a lot more Gtk applications.
The new GtkFileChooserDialog replacement prevents its parent GtkWindow from opening a window by overriding the GtkWidget "map" method with code that does not pass the call on to GtkWindow. Instead, the "map" method invokes the powerbox API, which causes the powerbox manager to open a file chooser instead.
You can see the code for this at: new: http://svn.gna.org/viewcvs/plash/trunk/src/gtk-powerbox.c old: http://svn.gna.org/viewcvs/plash/trunk/src/gtk-powerbox-noninherit.c
This still works as an LD_PRELOADed library, which replaces gtk_file_chooser_* functions.
Would there be any interest in merging this functionality into mainline Gtk, so that the powerbox code can optionally be compiled in, and optionally be enabled at run time?
Mark _______________________________________________ gtk-devel-list mailing list gtk-devel-list@...45... http://mail.gnome.org/mailman/listinfo/gtk-devel-list _______________________________________________ Portland mailing list Portland@...626... http://lists.freedesktop.org/mailman/listinfo/portland
----- End forwarded message -----
participants (1)
-
Bryce Harrington