Allow UPower access through the system message bus

flathub / io.gitlab.librewolf-community

https://flathub.org/apps/details/io.gitlab.librewolf-community

16 stars 11 forks source link

Allow UPower access through the system message bus #127

Closed guihkx closed 3 weeks ago

guihkx commented 2 months ago

This silences a LibreWolf warning triggered by loading some websites.

Fixes #126

flathubbot commented 2 months ago

Started test build 147901

flathubbot commented 2 months ago

Build 147901 successful To test this build, install it from the testing repository:

flatpak install --user https://dl.flathub.org/build-repo/130987/io.gitlab.librewolf-community.flatpakref

lsfxz commented 1 month ago

This might be a bit of a daft question, but still: do we want upower access? I see no immediate downsides/attack vectors, but if it's "just warnings in the terminal" and not some relevant functionality that one would be missing, it might not be worth it? (this is really meant as a genuine, neutral question – just checking, so to speak ^^)

guihkx commented 1 month ago

do we want upower access?

Honestly, I don't know. I only thought it was really odd that a website (or, more precisely, some obfuscated Javascript code), was able to trigger that UPower warning. And since I dislike warnings in my system logs, I did the investigation. :P

To the best of my knowledge, not having this permission doesn't seem to break any website, so I don't think it's required. The official Flatpak package of Firefox currently doesn't have it either.

So, feel free to close this if you want. I will continue to enable that permission locally anyway. :P

lainedfles commented 3 weeks ago

I'd vote against this. There are known side-channel information disclosure exploits targeting power monitoring systems. Even in recent years.

I'd question the intention of any website attempting to read the local power state. They don't need to know about every device connected to my system, that is recognized by upower, nor the model and serial numbers.

I wonder if this is somehow related to an identity or tracking technology similar to canvas fingerprinting. Either way, this has the potential to leak sensitive information. Until (if?) mitigations similar to Mozilla RFP are implemented, this is a bad idea IMHO.

guihkx commented 3 weeks ago

Let's not add this by default then.

People can always add a permission override locally anyway.