On Sat, 2020-09-19 at 00:24 -0700, Perry Hutchison wrote:
> [Cc's dropped, because mailman complained of too many recipients]
>
> Bastien Nocera <[email protected]> wrote:
>
> > ... using the "net" driver. It still requires punching a hole
> > in the sandbox which shouldn't be necessary.
>
> Why is punching a hole for network::localhost -- allowing access
> (via network) only to localhost,

That's not actually possible without using net namespaces which aren't accessible by normal users. And your loopback interface still contains loads of services with potential security issues and private data, so even if just loopback access was possible, it still wouldn't be a good fit security or privacy-wise.

> and not to any other host -- so
> much worse than punching a hole for D-bus?

D-Bus traffic is filtered, and we can select which services the application has access to. By default, only portals are accessible, nothing else, greatly reducing potential security and privacy issues.
