wireplumber: add support for snap permissions (!567) · Merge requests · PipeWire / wireplumber

Sergio Costas requested to merge sergio-costas/wireplumber:DT-795-update-pipewire-to-enforce-snaps-audio-record-permissions into master Nov 21, 2023

This patch adds to wireplumber code to manage the Snap audio permissions.

SNAP containers have two main "audio" rules:

audio-playback: the applications inside the container can send audio samples into a sink
audio-record: the applications inside the container can get audio samples from a source

Also, old SNAP containers had the "pulseaudio" rule, which just exposed the pulseaudio socket directly, without limits. This is similar to the current Flatpak audio permissions.

In the pulseaudio days, an specific pulseaudio module was used that checked the permissions given to the application and allowed or forbide access to the pulseaudio operations. With the change to pipewire, this functionality must be implemented in pipewire-pulse and wireplumber to guarantee the sandbox security.

The current code checks for the presence of the pipewire.snap.id property in a client, in which case it will read the pipewire.snap.audio.playback and pipewire.snap.audio.record properties, and allow or deny access to that client to the nodes with Audio/Sink or Audio/Source media.class property.

Those pipewire.snap.* properties must be added in the pipewire-pulse module. That code is available in a different patch: pipewire!1779 (merged)

Edited Nov 22, 2023 by Sergio Costas

wireplumber: add support for snap permissions

Merge request reports