Skip to content

GNOME/gnome-desktop

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6,641 Commits

.ci

.ci

 
 

desktop-docs

desktop-docs

 
 

docs/reference/gnome-desktop3

docs/reference/gnome-desktop3

 
 

libgnome-desktop

libgnome-desktop

 
 

po

po

 
 

tests

tests

 
 

.gitlab-ci.yml

.gitlab-ci.yml

 
 

.gitmodules

.gitmodules

 
 

AUTHORS

AUTHORS

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

COPYING

COPYING

 
 

COPYING-DOCS

COPYING-DOCS

 
 

COPYING.LIB

COPYING.LIB

 
 

NEWS

NEWS

 
 

README.md

README.md

 
 

gnome-desktop.doap

gnome-desktop.doap

 
 

meson.build

meson.build

 
 

meson_options.txt

meson_options.txt

 
 

Repository files navigation

gnome-desktop

gnome-desktop contains the libgnome-desktop library as well as a data file that exports the "GNOME" version to the Settings Details panel.

The libgnome-desktop library provides API shared by several applications on the desktop, but that cannot live in the platform for various reasons. There is no API or ABI guarantee, although we are doing our best to provide stability. Documentation for the API is available with gtk-doc.

You may download updates to the package from download.gnome.org.

To discuss gnome-desktop, you may use the Platform group of GNOME's Discourse instance.

Installation

gnome-desktop uses meson to build its sources.

Bubblewrap, installed as the bwrap binary, is a non-optional dependency on platforms where it is supported and thumbnailing will silently fail when it is not installed at runtime.

flatpak-xdg-utils's flatpak-spawn helper is a non-optional dependency for using gnome-desktop's thumbnailer when the app is being run within Flatpak >= 1.5.1.

How to report bugs

Bugs should be reported to the Issues section of gnome-desktop repository. Due to very high numbers of misdirected gnome-shell bugs, the issue tracker has unfortunately been restricted to GNOME developers only. If you have found a bug in this library, feel free to contact any GNOME developer and ask for your report to be forwarded here.

Thumbnailing sandboxing

The thumbnailer sandboxing was built to prevent a number of different potential attack vectors.

  • The attacker wants to steal arbitrary secrets from your machine (a confidentiality failure), or overwrite arbitrary files (an integrity failure).
  • The attacker is assumed to be capable of inducing you to download a crafted thumbnailable object (picture, video, ROM) that will crash a thumbnailer and get arbitrary code execution.
  • Stealing your secrets is prevented by:
    • only giving the thumbnailer access to the file it's thumbnailing, plus public files from /usr-equivalent places, so that it can't leak the content of a secret file into the thumbnail of a less-secret file.
    • not giving it internet access, so that it can't upload the file it's thumbnailing to Wikileaks.
  • Overwriting arbitrary files is prevented by making the output of the thumbnailer the only thing that can be written from inside the sandbox.
  • Subverting other programs to do one of those is (hopefully) prevented by only allowing it to output PNG thumbnails, because we hope PNG reader libraries are a lot more secure than libraries to read exotic image formats.

About

Read-only mirror of https://gitlab.gnome.org/GNOME/gnome-desktop

gitlab.gnome.org/GNOME/gnome-desktop

Resources

Readme

License

GPL-2.0 and 2 other licenses found

Licenses found

GPL-2.0
COPYING
Unknown
COPYING.LIB
Unknown
COPYING-DOCS
Activity
Custom properties

Stars

94 stars

Watchers

15 watching

Forks

35 forks
Report repository

Releases

572 tags

Packages

No packages published

Contributors 303

+ 289 contributors

Languages