On Sun, 2015-09-20 at 23:21 +0200, Ahmed S. Darwish wrote:
> Hi everyone,
>
> This RFC patch series introduces memfd support [*] to PulseAudio,
> laying out the necessary (but not yet sufficient) groundwork for
> sandboxing, protecting PulseAudio from its clients, and protecting
> clients (data) from each other.

So, I don't actually know pulseaudio well enough to review this patch,
but YEAH MAN! cool!

I'm currently making an update of the freedesktop and gnome
sdk/runtime, and I guess if a pulseaudio 7 comes out soon I can put
that in. However, I assume this is post-7 material?

Some questions:

Is there a way to force sandboxed clients to only use the new memfd
support? (i.e. refusing to fall back to shm for some clients.)

Do you have any plans for how to do per-client permissions? In the most
recent release of xdg-app I actually added support for a generic
permissions store:

 http://cgit.freedesktop.org/xdg-app/xdg-app/tree/data/org.freedesktop.XdgApp.xml

The way it works is that you make up a table name, like "pulseaudio",
and then you can set and query permissions on string ids, with some
extra data stored with the id. Basically the API is

 struct app_permissions {
   string app_id;
   string permissions[];
 }

 Set(string table, string id, app_permissions[] perms, GVariant extra_data)
 Lookup(string table, string id, out app_permissions[] perms, out GVariant extra_data)

There is also some sample code here:

 http://cgit.freedesktop.org/xdg-app/xdg-app/tree/document-portal/xdp-util.c#n283

Which looks up the xdg-app app-id for a dbus invocation which can be
used as inspiration for how to do this in pulseaudio.

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Alexander Larsson                                            Red Hat, Inc
       alexl at redhat.com            alexander.larsson at gmail.com
He's a Nobel prize-winning crooked paramedic from the Mississippi delta.
She's a provocative out-of-work mechanic with an evil twin sister. They
fight crime!