Hi everyone, below you will find the updates from the Desktop team from the last week. If you’re interested in discussing a topic please start a thread in the Desktop area of Discourse .
We also have our weekly meeting on IRC. We meet on Tuesday at 13:30 UTC in #ubuntu-desktop on Freenode. There will be an “Any Other Business” section at the end where you are welcome to raise topics. These topics might be discussed during the meeting, or afterwards depending on the time, depth of conversation, topic and so on.
Last week’s notes are here: Desktop Team Updates - Monday 14th September 2020
Ubuntu Core GDM experiment:
snapctl is-connected --pid patch:
snapd PR #9132 is marked blocked. I think we want a version that works from an AppArmor label from the start, since it allows the check to be performed race free.
- A daemon can determine it’s peer’s AppArmor label race free via
SO_PEERSEC (usually via the
aa_getpeercon helper), which tells us the snap name. In contrast, going via pid involves a race between retrieving the pid via
SO_PEERSEC and reading
/proc/$pid/attr/current. So we should use the
SO_PEERSEC when possible.
misc snapd changes:
- Created snapd PR #9370 to clean up how
snap userd requests its D-Bus name. The current code encourages people adding new interfaces to userd to also add a new bus name, which is not desirable.
Also worked on a security bug.