Bug#919299: ITP: flatpak-xdg-utils -- xdg-open and xdg-email reimplementation for containerized apps
- Date: Mon, 14 Jan 2019 19:11:19 +0000
- From: Simon McVittie <smcv@xxxxxxxxxx>
- Subject: Bug#919299: ITP: flatpak-xdg-utils -- xdg-open and xdg-email reimplementation for containerized apps
Owner: Simon McVittie <smcv@xxxxxxxxxx>
* Package name : flatpak-xdg-utils
Version : 0.1+ (git snapshot)
Upstream Author : Florian Müllner, Matthias Clasen, Alex Larsson
* URL : https://github.com/flatpak/flatpak-xdg-utils
* License : LGPL-2+
Programming Lang: C
Description : xdg-open and xdg-email reimplementation for containerized apps
Applications running in a Flatpak sandbox cannot normally launch arbitrary
subprocesses outside the container to open files and URLs. This
package provides reimplementations of the standard xdg-open(1) and
xdg-email(1) command-line tools intended to be run inside the container.
They use the D-Bus session bus to communicate with the xdg-desktop-portal
service outside the container.
These tools are developed alongside Flatpak, but they are not completely
Flatpak-specific, and might also be useful for other app-container
This package is normally only useful if you are using Debian packages
to construct a Flatpak runtime, and should not be installed on a normal
Debian desktop system. On desktop systems please install the reference
implementation of the xdg-open and xdg-email tools, which can be found
in the xdg-utils package.
If this package is installed in a non-Flatpak environment for testing,
it will not work without the dbus-session-bus and xdg-desktop-portal
[X-Debbugs-Cc to xdg-utils maintainers for information: this will
probably have Conflicts/Replaces, and possibly Provides, on the reference
implementation of xdg-utils.]
This will probably also produce a second binary package, flatpak-spawn
or similar, with the parts that are completely Flatpak-specific:
Description: tool to run programs outside a Flatpak sandbox
Applications running in a Flatpak sandbox cannot normally run arbitrary
commands outside the container, and cannot create nested containers.
The flatpak-spawn tool uses the D-Bus session bus to communicate with
a portal service provided by Flatpak outside the container, which can run
commands on behalf of the sandboxed application, subject to Flatpak
Applications that contain a helper tool such as a thumbnailer can use
flatpak-spawn to launch that tool in a new instance of their own
sandbox, with more restrictive permissions. For example, this can be
used to mitigate possible security vulnerabilities in thumbnailers by
granting fewer privileges to the thumbnailer.
Trusted applications with the 'devel' privilege flag, such as the GNOME
Builder integrated development environment, can also use flatpak-spawn
to run arbitrary commands on the host system, bypassing the sandbox.
This package is only useful if you are using Debian packages to construct
a Flatpak runtime, and should not be installed on a normal Debian desktop