There are two methods implemented - bubblewrap (using a mount
namespace), and landlock (a Linux security module).
landlock:
Only available since kernel 5.13, and only when the module is
enabled. An easy check is checking your syslog for 'landlock:
Up and running.'
The landlock python module has been added to the source tree
and is bundled by default.
When a transfer begins, the thread the RPC runs on is restricted
from accessing any location outside of the save folder.
This restriction is permanent on the thread. Therefore, RPC threads
cannot be recycled by a ThreadPoolExecutor. Instead we use a custom
'NewThreadExecutor' to create new threads on-demand.
Warpinator runs normally, otherwise.
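Because the landlock restriction is applied to a thread and can never be lifted, a recycled pool thread would carry one transfer's sandbox into the next RPC. The following is an added example, not Warpinator's own code: it sketches a NewThreadExecutor and contrasts it with a one-worker ThreadPoolExecutor, with the landlock syscall replaced by a constructed thread-local flag so the demonstration runs on any system.

```python
from __future__ import annotations
import concurrent.futures as cf
import threading

# Constructed stand-in for Landlock: set on the calling thread, never lifted.
_state = threading.local()

def restrict_current_thread() -> None:
    """Stands in for landlock_restrict_self(): irreversible, per-thread."""
    _state.restricted = True

def current_thread_is_restricted() -> bool:
    return getattr(_state, "restricted", False)

class NewThreadExecutor(cf.Executor):
    """Start a fresh thread per submitted callable, so a thread that has run
    one sandboxed transfer is never handed another RPC."""
    def __init__(self) -> None:
        self._threads: list[threading.Thread] = []

    def submit(self, fn, /, *args, **kwargs):
        future: cf.Future = cf.Future()

        def run() -> None:
            if not future.set_running_or_notify_cancel():
                return
            try:
                future.set_result(fn(*args, **kwargs))
            except BaseException as exc:  # surface errors through the future
                future.set_exception(exc)

        thread = threading.Thread(target=run, daemon=True)
        self._threads.append(thread)
        thread.start()
        return future

    def shutdown(self, wait: bool = True, *, cancel_futures: bool = False) -> None:
        if wait:
            for thread in self._threads:
                thread.join()

def transfer_task(name: str) -> tuple[str, bool]:
    """Simulated transfer RPC: note whether the thread was already restricted."""
    inherited = current_thread_is_restricted()
    restrict_current_thread()  # this transfer's own sandbox
    return name, inherited

def run_two_transfers(executor: cf.Executor) -> list[bool]:
    """True for a transfer that landed on a thread still carrying the previous one's restriction."""
    results = [executor.submit(transfer_task, n).result()[1] for n in ("first", "second")]
    executor.shutdown(wait=True)
    return results
```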
bubblewrap:
System and user folders are read-only. Only the save folder is
mounted as read/write.
If the save folder is changed in preferences, Warpinator will
prompt that it needs to restart once there are no more active
transfers (as the bubblewrapper will need
to be updated).
The org.freedesktop.FileManager1 dbus service is used if available
when opening the save folder. If no application supports this,
a Gio call is used, which will result in the file manager inheriting
Warpinator's restrictive permissions, if it isn't already running.
other details:
The type of isolation (or none) can be specified on the command
line. Warpinator will decide automatically otherwise, preferring
landlock over bubblewrap if both are available.
Minimum free disk space is visibly configurable now.
Free disk space checking will account for files being overwritten,
as well as monitor disk space during transfers. Free space is also
monitored during transfers.
Certain locations are forbidden from being set as the incoming folder (home, home dot-folders).
To do:
[x] Review bwrap args
[x] Fix restarts when using bubblewrap (using shell commands doesn't work for this). Use a loop in /usr/bin/warpinator.
(Description copied from commit 6c259fe11d69f)