[Portland] File dialog as trusted desktop service
Bastian, Waldo
waldo.bastian at intel.com
Mon Mar 20 18:26:45 EET 2006
FYI
Waldo Bastian
Linux Client Architect - Channel Platform Solutions Group
Intel Corporation - http://www.intel.com/go/linux
OSDL DTL Tech Board Chairman
-----Original Message-----
From: gtk-devel-list-bounces at gnome.org
[mailto:gtk-devel-list-bounces at gnome.org] On Behalf Of Mark Seaborn
Sent: Saturday, March 18, 2006 9:22 AM
To: gtk-devel-list at gnome.org; gtk-list at gnome.org
Subject: ANNOUNCE: Plash 1.16, with Powerbox for Gtk
Hi folks,
I have released a new version of Plash, which is available from:
http://plash.beasts.org
Plash is a system for sandboxing GNU/Linux programs so that they can
be run with minimum authority/privileges. Plash can be used with GUI
applications: you can dynamically grant a GUI application access
rights to individual files that you want to open and edit. This
happens transparently through the Open/Save file chooser dialog box.
Plash replaces Gtk's GtkFileChooserDialog so that the file chooser is
implemented outside the application in a separate process, as a
trusted component. This file chooser is known as a powerbox, because
it delegates additional power to the application.
For example, Inkscape can be launched in a sandbox using the following
command. Initially it won't have access to anything in your home
directory. Choosing a file using File->Open grants Inkscape access to
the file, attaching the file into Inkscape's file namespace.
pola-run --prog /usr/bin/inkscape \
-B -fl /etc --x11 \
--env LD_PRELOAD=/usr/lib/plash/lib/powerbox-for-gtk.so \
--powerbox --pet-name "Inkscape"
The main change in this release is a reimplementation of the
powerbox/Gtk integration. In the previous version, the replacement
GtkFileChooserDialog class inherited only from GtkObject, which caused
various problems. The new version inherits from GtkDialog (and hence
from GtkWindow, GtkWidget, etc.), just as the ordinary
GtkFileChooserDialog does. This works with a lot more Gtk
applications.
The new GtkFileChooserDialog replacement prevents its parent GtkWindow
from opening a window by overriding the GtkWidget "map" method with
code that does not pass the call on to GtkWindow. Instead, the "map"
method invokes the powerbox API, which causes the powerbox manager to
open a file chooser instead.
You can see the code for this at:
new: http://svn.gna.org/viewcvs/plash/trunk/src/gtk-powerbox.c
old:
http://svn.gna.org/viewcvs/plash/trunk/src/gtk-powerbox-noninherit.c
This still works as an LD_PRELOADed library, which replaces
gtk_file_chooser_* functions.
Would there be any interest in merging this functionality into
mainline Gtk, so that the powerbox code can optionally be compiled in,
and optionally be enabled at run time?
Mark
_______________________________________________
gtk-devel-list mailing list
gtk-devel-list at gnome.org
http://mail.gnome.org/mailman/listinfo/gtk-devel-list
More information about the Portland
mailing list