Specifying "exec" for the sandboxed home mount

Nicholas Bishop nicholasbishop at gmail.com
Thu Mar 22 16:30:59 UTC 2018


You're right, I was forgetting the unprivileged nature of the sandbox.

On Thu, Mar 22, 2018, 6:36 AM Alexander Larsson <alexl at redhat.com> wrote:

> I don't think that is (or should be) possible. If the sysadmin made a
> mount noexec, then a non-privileged app like flatpak/bubblewrap should
> not be able to undo that. I mean, if "noexec" is essentially optional,
> what use is it?
>
> On Wed, Mar 21, 2018 at 9:10 PM, Nicholas Bishop
> <nicholasbishop at gmail.com> wrote:
> > Hi,
> >
> > I ran into an issue with the Steam application. It wants to install an
> > executable into the home partition. I am testing on a system with home
> > mounted as noexec, and it seems that gets propagated to the sandboxed home
> > mount when running the flatpak.
> >
> > I think I can work around this by bind mounting ~/.var and remounting it
> > with the exec flag, but I was wondering if there's a way to fix this in
> > flatpak itself.
> >
> > -Nicholas
>
>
>
> --
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>  Alexander Larsson                                Red Hat, Inc
>        alexl at redhat.com         alexander.larsson at gmail.com
>
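
To confirm which mount covers a path such as ~/.var and whether it carries the per-mount noexec flag discussed in this thread, the following added example (not code from the thread or from Flatpak) parses the /proc/self/mountinfo format. The sample mount table, the paths and the helper names are constructed for illustration.

```python
import os
import re

# Constructed sample in /proc/self/mountinfo format (not taken from the thread).
SAMPLE_MOUNTINFO = """\
22 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
45 22 8:3 / /home rw,nosuid,nodev,noexec,relatime shared:20 - ext4 /dev/sda3 rw
51 22 8:4 / /home\\040backup rw,relatime shared:24 - ext4 /dev/sda4 rw
"""

def _unescape(field):
    # The kernel writes space, tab, newline and backslash as \ooo octal escapes.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def parse_mountinfo(text):
    """Return (mount_point, per-mount option set) pairs, in file order."""
    mounts = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 10 or "-" not in fields[6:]:
            continue  # not a well-formed mountinfo line
        mounts.append((_unescape(fields[4]), set(fields[5].split(","))))
    return mounts

def mount_for(path, mounts):
    """Pick the mount covering path: longest mount point, later entry wins ties."""
    path = os.path.normpath(path)
    best = None
    for point, opts in mounts:
        covers = point == "/" or path == point or path.startswith(point + "/")
        if covers and (best is None or len(point) >= len(best[0])):
            best = (point, opts)
    return best

def is_noexec(path, mounts):
    hit = mount_for(path, mounts)
    if hit is None:
        raise LookupError("no mount covers " + path)
    return "noexec" in hit[1]

if __name__ == "__main__":
    # Resolve symlinks first so the prefix match is done on the real location.
    target = os.path.realpath(os.path.expanduser("~/.var"))
    with open("/proc/self/mountinfo") as f:
        live = parse_mountinfo(f.read())
    print(target, "noexec" if is_noexec(target, live) else "exec allowed")
```

/proc/self/mountinfo describes the mount namespace of the calling process, so the same script reports the host's view when run on the host and the sandbox's view when run inside it.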