├── .gitignore ├── LICENSE-GPL2 ├── README.md ├── bubblebox.py └── profiles.py /.gitignore: -------------------------------------------------------------------------------- 1 | __pycache__ 2 | *jail 3 | -------------------------------------------------------------------------------- /LICENSE-GPL2: -------------------------------------------------------------------------------- 1 | GNU GENERAL PUBLIC LICENSE 2 | Version 2, June 1991 3 | 4 | Copyright (C) 1989, 1991 Free Software Foundation, Inc., 5 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 6 | Everyone is permitted to copy and distribute verbatim copies 7 | of this license document, but changing it is not allowed. 8 | 9 | Preamble 10 | 11 | The licenses for most software are designed to take away your 12 | freedom to share and change it. By contrast, the GNU General Public 13 | License is intended to guarantee your freedom to share and change free 14 | software--to make sure the software is free for all its users. This 15 | General Public License applies to most of the Free Software 16 | Foundation's software and to any other program whose authors commit to 17 | using it. (Some other Free Software Foundation software is covered by 18 | the GNU Lesser General Public License instead.) You can apply it to 19 | your programs, too. 20 | 21 | When we speak of free software, we are referring to freedom, not 22 | price. Our General Public Licenses are designed to make sure that you 23 | have the freedom to distribute copies of free software (and charge for 24 | this service if you wish), that you receive source code or can get it 25 | if you want it, that you can change the software or use pieces of it 26 | in new free programs; and that you know you can do these things. 27 | 28 | To protect your rights, we need to make restrictions that forbid 29 | anyone to deny you these rights or to ask you to surrender the rights. 30 | These restrictions translate to certain responsibilities for you if you 31 | distribute copies of the software, or if you modify it. 32 | 33 | For example, if you distribute copies of such a program, whether 34 | gratis or for a fee, you must give the recipients all the rights that 35 | you have. You must make sure that they, too, receive or can get the 36 | source code. And you must show them these terms so they know their 37 | rights. 38 | 39 | We protect your rights with two steps: (1) copyright the software, and 40 | (2) offer you this license which gives you legal permission to copy, 41 | distribute and/or modify the software. 42 | 43 | Also, for each author's protection and ours, we want to make certain 44 | that everyone understands that there is no warranty for this free 45 | software. If the software is modified by someone else and passed on, we 46 | want its recipients to know that what they have is not the original, so 47 | that any problems introduced by others will not reflect on the original 48 | authors' reputations. 49 | 50 | Finally, any free program is threatened constantly by software 51 | patents. We wish to avoid the danger that redistributors of a free 52 | program will individually obtain patent licenses, in effect making the 53 | program proprietary. To prevent this, we have made it clear that any 54 | patent must be licensed for everyone's free use or not licensed at all. 55 | 56 | The precise terms and conditions for copying, distribution and 57 | modification follow. 58 | 59 | GNU GENERAL PUBLIC LICENSE 60 | TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 61 | 62 | 0. This License applies to any program or other work which contains 63 | a notice placed by the copyright holder saying it may be distributed 64 | under the terms of this General Public License. The "Program", below, 65 | refers to any such program or work, and a "work based on the Program" 66 | means either the Program or any derivative work under copyright law: 67 | that is to say, a work containing the Program or a portion of it, 68 | either verbatim or with modifications and/or translated into another 69 | language. (Hereinafter, translation is included without limitation in 70 | the term "modification".) Each licensee is addressed as "you". 71 | 72 | Activities other than copying, distribution and modification are not 73 | covered by this License; they are outside its scope. The act of 74 | running the Program is not restricted, and the output from the Program 75 | is covered only if its contents constitute a work based on the 76 | Program (independent of having been made by running the Program). 77 | Whether that is true depends on what the Program does. 78 | 79 | 1. You may copy and distribute verbatim copies of the Program's 80 | source code as you receive it, in any medium, provided that you 81 | conspicuously and appropriately publish on each copy an appropriate 82 | copyright notice and disclaimer of warranty; keep intact all the 83 | notices that refer to this License and to the absence of any warranty; 84 | and give any other recipients of the Program a copy of this License 85 | along with the Program. 86 | 87 | You may charge a fee for the physical act of transferring a copy, and 88 | you may at your option offer warranty protection in exchange for a fee. 89 | 90 | 2. You may modify your copy or copies of the Program or any portion 91 | of it, thus forming a work based on the Program, and copy and 92 | distribute such modifications or work under the terms of Section 1 93 | above, provided that you also meet all of these conditions: 94 | 95 | a) You must cause the modified files to carry prominent notices 96 | stating that you changed the files and the date of any change. 97 | 98 | b) You must cause any work that you distribute or publish, that in 99 | whole or in part contains or is derived from the Program or any 100 | part thereof, to be licensed as a whole at no charge to all third 101 | parties under the terms of this License. 102 | 103 | c) If the modified program normally reads commands interactively 104 | when run, you must cause it, when started running for such 105 | interactive use in the most ordinary way, to print or display an 106 | announcement including an appropriate copyright notice and a 107 | notice that there is no warranty (or else, saying that you provide 108 | a warranty) and that users may redistribute the program under 109 | these conditions, and telling the user how to view a copy of this 110 | License. (Exception: if the Program itself is interactive but 111 | does not normally print such an announcement, your work based on 112 | the Program is not required to print an announcement.) 113 | 114 | These requirements apply to the modified work as a whole. If 115 | identifiable sections of that work are not derived from the Program, 116 | and can be reasonably considered independent and separate works in 117 | themselves, then this License, and its terms, do not apply to those 118 | sections when you distribute them as separate works. But when you 119 | distribute the same sections as part of a whole which is a work based 120 | on the Program, the distribution of the whole must be on the terms of 121 | this License, whose permissions for other licensees extend to the 122 | entire whole, and thus to each and every part regardless of who wrote it. 123 | 124 | Thus, it is not the intent of this section to claim rights or contest 125 | your rights to work written entirely by you; rather, the intent is to 126 | exercise the right to control the distribution of derivative or 127 | collective works based on the Program. 128 | 129 | In addition, mere aggregation of another work not based on the Program 130 | with the Program (or with a work based on the Program) on a volume of 131 | a storage or distribution medium does not bring the other work under 132 | the scope of this License. 133 | 134 | 3. You may copy and distribute the Program (or a work based on it, 135 | under Section 2) in object code or executable form under the terms of 136 | Sections 1 and 2 above provided that you also do one of the following: 137 | 138 | a) Accompany it with the complete corresponding machine-readable 139 | source code, which must be distributed under the terms of Sections 140 | 1 and 2 above on a medium customarily used for software interchange; or, 141 | 142 | b) Accompany it with a written offer, valid for at least three 143 | years, to give any third party, for a charge no more than your 144 | cost of physically performing source distribution, a complete 145 | machine-readable copy of the corresponding source code, to be 146 | distributed under the terms of Sections 1 and 2 above on a medium 147 | customarily used for software interchange; or, 148 | 149 | c) Accompany it with the information you received as to the offer 150 | to distribute corresponding source code. (This alternative is 151 | allowed only for noncommercial distribution and only if you 152 | received the program in object code or executable form with such 153 | an offer, in accord with Subsection b above.) 154 | 155 | The source code for a work means the preferred form of the work for 156 | making modifications to it. For an executable work, complete source 157 | code means all the source code for all modules it contains, plus any 158 | associated interface definition files, plus the scripts used to 159 | control compilation and installation of the executable. However, as a 160 | special exception, the source code distributed need not include 161 | anything that is normally distributed (in either source or binary 162 | form) with the major components (compiler, kernel, and so on) of the 163 | operating system on which the executable runs, unless that component 164 | itself accompanies the executable. 165 | 166 | If distribution of executable or object code is made by offering 167 | access to copy from a designated place, then offering equivalent 168 | access to copy the source code from the same place counts as 169 | distribution of the source code, even though third parties are not 170 | compelled to copy the source along with the object code. 171 | 172 | 4. You may not copy, modify, sublicense, or distribute the Program 173 | except as expressly provided under this License. Any attempt 174 | otherwise to copy, modify, sublicense or distribute the Program is 175 | void, and will automatically terminate your rights under this License. 176 | However, parties who have received copies, or rights, from you under 177 | this License will not have their licenses terminated so long as such 178 | parties remain in full compliance. 179 | 180 | 5. You are not required to accept this License, since you have not 181 | signed it. However, nothing else grants you permission to modify or 182 | distribute the Program or its derivative works. These actions are 183 | prohibited by law if you do not accept this License. Therefore, by 184 | modifying or distributing the Program (or any work based on the 185 | Program), you indicate your acceptance of this License to do so, and 186 | all its terms and conditions for copying, distributing or modifying 187 | the Program or works based on it. 188 | 189 | 6. Each time you redistribute the Program (or any work based on the 190 | Program), the recipient automatically receives a license from the 191 | original licensor to copy, distribute or modify the Program subject to 192 | these terms and conditions. You may not impose any further 193 | restrictions on the recipients' exercise of the rights granted herein. 194 | You are not responsible for enforcing compliance by third parties to 195 | this License. 196 | 197 | 7. If, as a consequence of a court judgment or allegation of patent 198 | infringement or for any other reason (not limited to patent issues), 199 | conditions are imposed on you (whether by court order, agreement or 200 | otherwise) that contradict the conditions of this License, they do not 201 | excuse you from the conditions of this License. If you cannot 202 | distribute so as to satisfy simultaneously your obligations under this 203 | License and any other pertinent obligations, then as a consequence you 204 | may not distribute the Program at all. For example, if a patent 205 | license would not permit royalty-free redistribution of the Program by 206 | all those who receive copies directly or indirectly through you, then 207 | the only way you could satisfy both it and this License would be to 208 | refrain entirely from distribution of the Program. 209 | 210 | If any portion of this section is held invalid or unenforceable under 211 | any particular circumstance, the balance of the section is intended to 212 | apply and the section as a whole is intended to apply in other 213 | circumstances. 214 | 215 | It is not the purpose of this section to induce you to infringe any 216 | patents or other property right claims or to contest validity of any 217 | such claims; this section has the sole purpose of protecting the 218 | integrity of the free software distribution system, which is 219 | implemented by public license practices. Many people have made 220 | generous contributions to the wide range of software distributed 221 | through that system in reliance on consistent application of that 222 | system; it is up to the author/donor to decide if he or she is willing 223 | to distribute software through any other system and a licensee cannot 224 | impose that choice. 225 | 226 | This section is intended to make thoroughly clear what is believed to 227 | be a consequence of the rest of this License. 228 | 229 | 8. If the distribution and/or use of the Program is restricted in 230 | certain countries either by patents or by copyrighted interfaces, the 231 | original copyright holder who places the Program under this License 232 | may add an explicit geographical distribution limitation excluding 233 | those countries, so that distribution is permitted only in or among 234 | countries not thus excluded. In such case, this License incorporates 235 | the limitation as if written in the body of this License. 236 | 237 | 9. The Free Software Foundation may publish revised and/or new versions 238 | of the General Public License from time to time. Such new versions will 239 | be similar in spirit to the present version, but may differ in detail to 240 | address new problems or concerns. 241 | 242 | Each version is given a distinguishing version number. If the Program 243 | specifies a version number of this License which applies to it and "any 244 | later version", you have the option of following the terms and conditions 245 | either of that version or of any later version published by the Free 246 | Software Foundation. If the Program does not specify a version number of 247 | this License, you may choose any version ever published by the Free Software 248 | Foundation. 249 | 250 | 10. If you wish to incorporate parts of the Program into other free 251 | programs whose distribution conditions are different, write to the author 252 | to ask for permission. For software which is copyrighted by the Free 253 | Software Foundation, write to the Free Software Foundation; we sometimes 254 | make exceptions for this. Our decision will be guided by the two goals 255 | of preserving the free status of all derivatives of our free software and 256 | of promoting the sharing and reuse of software generally. 257 | 258 | NO WARRANTY 259 | 260 | 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY 261 | FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN 262 | OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES 263 | PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED 264 | OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 265 | MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS 266 | TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE 267 | PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, 268 | REPAIR OR CORRECTION. 269 | 270 | 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING 271 | WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR 272 | REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, 273 | INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING 274 | OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED 275 | TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY 276 | YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER 277 | PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE 278 | POSSIBILITY OF SUCH DAMAGES. 279 | 280 | END OF TERMS AND CONDITIONS 281 | 282 | How to Apply These Terms to Your New Programs 283 | 284 | If you develop a new program, and you want it to be of the greatest 285 | possible use to the public, the best way to achieve this is to make it 286 | free software which everyone can redistribute and change under these terms. 287 | 288 | To do so, attach the following notices to the program. It is safest 289 | to attach them to the start of each source file to most effectively 290 | convey the exclusion of warranty; and each file should have at least 291 | the "copyright" line and a pointer to where the full notice is found. 292 | 293 | 294 | Copyright (C) 295 | 296 | This program is free software; you can redistribute it and/or modify 297 | it under the terms of the GNU General Public License as published by 298 | the Free Software Foundation; either version 2 of the License, or 299 | (at your option) any later version. 300 | 301 | This program is distributed in the hope that it will be useful, 302 | but WITHOUT ANY WARRANTY; without even the implied warranty of 303 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 304 | GNU General Public License for more details. 305 | 306 | You should have received a copy of the GNU General Public License along 307 | with this program; if not, write to the Free Software Foundation, Inc., 308 | 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. 309 | 310 | Also add information on how to contact you by electronic and paper mail. 311 | 312 | If the program is interactive, make it output a short notice like this 313 | when it starts in an interactive mode: 314 | 315 | Gnomovision version 69, Copyright (C) year name of author 316 | Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. 317 | This is free software, and you are welcome to redistribute it 318 | under certain conditions; type `show c' for details. 319 | 320 | The hypothetical commands `show w' and `show c' should show the appropriate 321 | parts of the General Public License. Of course, the commands you use may 322 | be called something other than `show w' and `show c'; they could even be 323 | mouse-clicks or menu items--whatever suits your program. 324 | 325 | You should also get your employer (if you work as a programmer) or your 326 | school, if any, to sign a "copyright disclaimer" for the program, if 327 | necessary. Here is a sample; alter the names: 328 | 329 | Yoyodyne, Inc., hereby disclaims all copyright interest in the program 330 | `Gnomovision' (which makes passes at compilers) written by James Hacker. 331 | 332 | , 1 April 1989 333 | Ty Coon, President of Vice 334 | 335 | This General Public License does not permit incorporating your program into 336 | proprietary programs. If your program is a subroutine library, you may 337 | consider it more useful to permit linking proprietary applications with the 338 | library. If this is what you want to do, use the GNU Lesser General 339 | Public License instead of this License. 340 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # BubbleBox: Simple Application Sandboxing 2 | 3 | ## Introduction 4 | 5 | This is the documentation of [BubbleBox](https://www.ralfj.de/projects/bubblebox), a 6 | tool to easily sandbox Linux applications. 7 | 8 | The primary use-case for BubbleBox is running applications that you do not trust enough 9 | to give them full access to your home directory, and in particular the secret keys stored there. 10 | BubbleBox is based on [bubblewrap] and [xdg-dbus-proxy] which do all of the heavy lifting. 11 | 12 | The goals of this project are similar to [firejail], but I found firejail's configuration to be extremely hard to maintain and debug. 13 | BubbleBox is meant for people that are comfortable editing its Python source code to adjust it to their needs; 14 | if you are looking for something with a more out-of-the-box experience, try [bubblejail]. 15 | 16 | [firejail]: https://firejail.wordpress.com/ 17 | [bubblejail]: https://github.com/igo95862/bubblejail 18 | [bubblewrap]: https://github.com/containers/bubblewrap 19 | [xdg-dbus-proxy]: https://github.com/flatpak/xdg-dbus-proxy 20 | 21 | ## Usage 22 | 23 | The typical way to use BubbleBox is to create a new "jail" script in the BubbleBox source folder. 24 | For instance, if you want a "gamejail" that you can use to run games, create a file `gamejail` 25 | in a BubbleBox checkout with contents like this: 26 | 27 | ```python 28 | #!/bin/python3 29 | from bubblebox import * 30 | 31 | bubblebox( 32 | profiles.DESKTOP("gamejail"), 33 | dbus_proxy_flags("--own=com.steampowered.*"), 34 | 35 | home_access({ 36 | ".steam": Access.Write, 37 | }), 38 | ) 39 | ``` 40 | 41 | Then add a symlink to this file somewhere to your PATH, and now you can use `gamejail ` 42 | to run arbitrary games inside the BubbleBox. 43 | 44 | ### Configuration directives 45 | 46 | A BubbleBox sandbox is configured by passing a list of directives to the 47 | `bubblebox` functions that declare things the sandbox has access to. Everything 48 | else is blocked by default. 49 | 50 | These directives are basically lists of bubblewrap and xdg-dbus-proxy flags, 51 | but BubbleBox provides some convenience functions 52 | to allow higher-level configuration and to share common patterns. 53 | 54 | The `profiles.py` file contains some useful directives that are needed by most applications: 55 | - `profiles.DEFAULT` adds the basic flags to isolate the sandbox from the environment 56 | by unsharing all namespaces except for the network. 57 | This profile gives access to `/usr`, `/sys`, and `/etc` and also creates a 58 | stub file system inside the sandbox that is basically always required, such as 59 | an empty folder to serve as XDG_RUNTIME_DIR. It assumes a merged-usr setup, 60 | e.g. it will add `/bin` as a symlink to `/usr/bin`. It also gives read-only 61 | access to some files in the home directory that are often needed to make a 62 | basic shell work: `.bashrc`, `.bash_aliases`, `.profile` and the `bin` 63 | directory. 64 | - `profiles.DESKTOP("name")` is intended to make GUI applications work. It 65 | extends `DEFAULT` by providing access to DRI, X11, ALSA, Wayland, and 66 | PulseAudio. Furthermore, some GUI configuration files (`.XCompose`, 67 | fontconfig, and default mime-type associations) are made available to the 68 | sandbox. The `"name"` is used to create an XDG_RUNTIME_DIR that will be shared 69 | among all instances of this sandbox. This also sets up the D-Bus proxy and 70 | gives the application access to notifications, screen saver control, status 71 | icons, and the flatpak portals (however, actually using these portals is 72 | untested and would likely require further integration). Finally, it makes 73 | clicking on links inside the sandbox work properly if your default browser is 74 | Firefox. 75 | 76 | I recommend looking at the sources in `default.py` to learn how to configure your 77 | own sandboxes. Here are the key directives to use: 78 | - `host_access` gives the sandbox read-only or read-write access to some part 79 | of the host file system. This is declared via nested Python dicts and supports 80 | glob expressions. 81 | - `home_access` works the same as `host_access` except all paths are relative 82 | to the home directory. 83 | - `bwrap_flags` allows passing flags directly to `bwrap`. This is rarely needed. 84 | - `dbus_proxy_flags` allows passing flags directly to `xdg-dbus-proxy`. 85 | This is the typical way to provide access to additional D-Bus names. 86 | 87 | ## Source, License 88 | 89 | You can find the sources in the 90 | [git repository](https://git.ralfj.de/bubblebox.git) (also available 91 | [on GitHub](https://github.com/RalfJung/bubblebox)). They are provided under the 92 | [GPLv2](https://www.gnu.org/licenses/old-licenses/gpl-2.0.html) or (at your 93 | option) any later version of the GPL. See the file `LICENSE-GPL2` for more 94 | details. 95 | 96 | ## Contact 97 | 98 | If you found a bug, or want to leave a comment, please 99 | [send me a mail](mailto:post-AT-ralfj-DOT-de). I'm also happy about pull 100 | requests :) 101 | -------------------------------------------------------------------------------- /bubblebox.py: -------------------------------------------------------------------------------- 1 | import sys, os, glob, random, string, subprocess 2 | from pprint import pprint 3 | 4 | HOME = os.environ["HOME"] 5 | XDG_RUNTIME_DIR = os.environ["XDG_RUNTIME_DIR"] 6 | BUBBLEBOX_DIR = XDG_RUNTIME_DIR + "/bubblebox" 7 | os.makedirs(BUBBLEBOX_DIR, exist_ok=True) 8 | 9 | def randname(): 10 | # choose from all lowercase letter 11 | letters = string.ascii_lowercase 12 | return ''.join(random.choice(letters) for i in range(8)) 13 | 14 | class BwrapInvocation: 15 | """Gathered information for a bwrap invocation. 16 | This will be created empty, and then each directive's `setup` function is called 17 | with this object, so they can accumulate the bwrap flags and any other relevant state.""" 18 | def __init__(self): 19 | # The flags to pass to bwrap. 20 | self.flags = [] 21 | # Functions to call at the end of the setup process. 22 | # They will receive this object as argument, so they can add further flags. 23 | self.finalizers = [] 24 | # If this is `None` it means so far no d-bus proxy has been set up. 25 | self.dbus_proxy_flags = None 26 | 27 | class BwrapDirective: 28 | """Directive that just passes flags to bwrap.""" 29 | def __init__(self, bwrap_flags): 30 | self.bwrap_flags = bwrap_flags 31 | def setup(self, bwrap): 32 | bwrap.flags.extend(self.bwrap_flags) 33 | 34 | class GroupDirective: 35 | """Directive that groups a bunch of directives to be treated as one.""" 36 | def __init__(self, directives): 37 | self.directives = directives 38 | def setup(self, bwrap): 39 | for directive in self.directives: 40 | directive.setup(bwrap) 41 | 42 | class DbusProxyDirective: 43 | """Directive that sets up a d-bus proxy and adds flags to it. 44 | If the directive is used multiple times, the flags accumulate.""" 45 | def __init__(self, dbus_proxy_flags): 46 | self.dbus_proxy_flags = dbus_proxy_flags 47 | def setup(self, bwrap): 48 | if bwrap.dbus_proxy_flags is None: 49 | # We are the first d-bus proxy directive. Set up the flags and the finalizer. 50 | bwrap.dbus_proxy_flags = [] 51 | bwrap.finalizers.append(DbusProxyDirective.launch_dbus_proxy) 52 | # Always add the flags. 53 | bwrap.dbus_proxy_flags.extend(self.dbus_proxy_flags) 54 | def launch_dbus_proxy(bwrap): 55 | """Finalizer that launches a d-bus proxy with the flags accumulated in `bwrap`.""" 56 | # For the system bus, we assume it to be at a fixed location and provide it to the sandbox at that same location. 57 | # For the session bus, we tell the proxy to talk to DBUS_SESSION_BUS_ADDRESS on the host, but we always put it 58 | # at `$XDG_RUNTIME_DIR/bus` in the sandbox. 59 | session_bus = XDG_RUNTIME_DIR + "/bus" # how the sandbox will see the bus 60 | system_bus = "/run/dbus/system_bus_socket" 61 | session_bus_proxy = BUBBLEBOX_DIR + "/bus-" + randname() 62 | system_bus_proxy = BUBBLEBOX_DIR + "/bus-system-" + randname() 63 | # Prepare a pipe to coordinate shutdown of bwrap and the proxy 64 | bwrap_end, other_end = os.pipe() # both FDs are "non-inheritable" now 65 | # Invoke the debus-proxy 66 | args = ["/usr/bin/xdg-dbus-proxy", "--fd="+str(other_end)] 67 | args += ["unix:path="+system_bus, system_bus_proxy, "--filter"] # just block everything for the system bus 68 | args += [os.environ["DBUS_SESSION_BUS_ADDRESS"], session_bus_proxy, "--filter"] + bwrap.dbus_proxy_flags 69 | #pprint(args) 70 | subprocess.Popen( 71 | args, 72 | pass_fds = [other_end], # default is to pass only the std FDs! 73 | ) 74 | # Wait until the proxy is ready 75 | os.read(bwrap_end, 1) 76 | assert os.path.exists(session_bus_proxy) 77 | # Make sure bwrap can access the other end of the pipe 78 | os.set_inheritable(bwrap_end, True) 79 | # Put this at the usual location for the bus insode the sandbox. 80 | # TODO: What if DBUS_SESSION_BUS_ADDRESS says something else? 81 | bwrap.flags.extend(( 82 | "--setenv", "DBUS_SESSION_BUS_ADDRESS", "unix:path="+session_bus, 83 | "--bind", session_bus_proxy, session_bus, 84 | "--bind", system_bus_proxy, system_bus, 85 | "--sync-fd", str(bwrap_end), 86 | )) 87 | 88 | # Constructors that should be used instead of directly mentioning the class above. 89 | def bwrap_flags(*flags): 90 | return BwrapDirective(flags) 91 | def dbus_proxy_flags(*flags): 92 | return DbusProxyDirective(flags) 93 | def group(*directives): 94 | return GroupDirective(directives) 95 | 96 | # Run the application in the bubblebox with the given flags. 97 | def bubblebox(*directives): 98 | if len(sys.argv) <= 1: 99 | print(f"USAGE: {sys.argv[0]} ") 100 | sys.exit(1) 101 | # Make sure `--die-with-parent` is always set. 102 | directives = group(bwrap_flags("--die-with-parent"), *directives) 103 | # Compute the bwrap invocation by running all the directives. 104 | bwrap = BwrapInvocation() 105 | directives.setup(bwrap) 106 | for finalizer in bwrap.finalizers: 107 | finalizer(bwrap) 108 | # Run bwrap 109 | args = ["/usr/bin/bwrap"] + bwrap.flags + ["--"] + sys.argv[1:] 110 | #pprint(args) 111 | os.execvp(args[0], args) 112 | 113 | # Give all instances of the same box a shared XDG_RUNTIME_DIR 114 | def shared_runtime_dir(boxname): 115 | dirname = BUBBLEBOX_DIR + "/" + boxname 116 | os.makedirs(dirname, exist_ok=True) 117 | return bwrap_flags("--bind", dirname, XDG_RUNTIME_DIR) 118 | 119 | # Convenient way to declare host access 120 | class Access: 121 | Read = 0 122 | Write = 1 123 | Device = 2 124 | 125 | def flag(val): 126 | if val == Access.Read: 127 | return "--ro-bind" 128 | elif val == Access.Write: 129 | return "--bind" 130 | elif val == Access.Device: 131 | return "--dev-bind" 132 | else: 133 | raise Exception(f"invalid access value: {val}") 134 | def host_access(dirs): 135 | def expand(root, names): 136 | """`names` is one or more strings that can contain globs. Expand them all relative to `root`.""" 137 | if isinstance(names, str): 138 | names = (names,) 139 | assert isinstance(names, tuple) 140 | for name in names: 141 | assert not (name.startswith("../") or name.__contains__("/../") or name.endswith("../")) 142 | path = root + "/" + name 143 | # prettification 144 | path = path.replace("//", "/") 145 | path = path.removesuffix("/.") 146 | # glob expansion 147 | globbed = glob.glob(path) 148 | if len(globbed) == 0: 149 | raise Exception(f"Path does not exist: {path}") 150 | yield from globbed 151 | def recursive_host_access(root, dirs, out): 152 | for names, desc in dirs.items(): 153 | for path in expand(root, names): 154 | if isinstance(desc, dict): 155 | # Recurse into children 156 | recursive_host_access(path, desc, out) 157 | else: 158 | # Allow access to this path 159 | out.extend((Access.flag(desc), path, path)) 160 | # Start the recursive traversal 161 | out = [] 162 | recursive_host_access("", dirs, out) 163 | #pprint(out) 164 | return bwrap_flags(*out) 165 | def home_access(dirs): 166 | return host_access({ HOME: dirs }) 167 | 168 | # Profile the profiles when importing bubblebox. 169 | import profiles 170 | -------------------------------------------------------------------------------- /profiles.py: -------------------------------------------------------------------------------- 1 | from bubblebox import * 2 | 3 | # Various default sandbox settings 4 | DEFAULT = group( 5 | # namespace unsharing 6 | # cannot unshare IPC as that breaks some wine applications 7 | bwrap_flags("--unshare-user", "--unshare-pid", "--unshare-cgroup"), 8 | # A different hostname is useful to be able to see when we are inside the sandbox. 9 | # However, some applications will not like this unless the hostname also exists in `/etc/hosts`! 10 | # Also, gnome-shell doesn't display window icons properly when this is set. 11 | #bwrap_flags("--unshare-uts", "--hostname", "bubblebox"), 12 | # Make sure the sandbox cannot inject commands into the host terminal. 13 | # TODO: This flag breaks some CLI applications, like job control in shells. 14 | # Consider using SECCOMP instead. 15 | # Possible code to use for that: 16 | # There is also a good list of possible-syscalls-to-block at 17 | # . 18 | bwrap_flags("--new-session"), 19 | # basic directories 20 | bwrap_flags("--proc", "/proc", "--dev", "/dev", "--dir", "/tmp", "--dir", "/var", "--dir", "/run", "--symlink", "../run", "/var/run"), 21 | # an empty XDG_RUNTIME_DIR 22 | bwrap_flags("--perms", "0700", "--dir", XDG_RUNTIME_DIR), 23 | # merged-usr symlinks 24 | bwrap_flags("--symlink", "usr/lib", "/lib", "--symlink", "usr/lib64", "/lib64", "--symlink", "usr/bin", "/bin", "--symlink", "usr/sbin", "/sbin"), 25 | # folders we always need access to 26 | host_access({ ("/usr", "/sys", "/etc"): Access.Read }), 27 | # make a basic shell work 28 | home_access({ 29 | (".bashrc", ".bash_aliases", ".profile"): Access.Read, 30 | "bin": Access.Read, 31 | }), 32 | ) 33 | 34 | def X11(): 35 | display = os.environ["DISPLAY"].removeprefix(":").split('.')[0] 36 | return host_access({ 37 | "/tmp/.X11-unix/": { 38 | "X"+display: Access.Read, 39 | }, 40 | os.environ["XAUTHORITY"]: Access.Read, 41 | }) 42 | 43 | # https://github.com/igo95862/bubblejail/blob/master/src/bubblejail/services.py is a good source of paths that need allowing. 44 | # We do not give access to pipewire, that needs a portal (https://docs.pipewire.org/page_portal.html). 45 | def DESKTOP(name): 46 | return group( 47 | DEFAULT, 48 | # Share XDG_RUNTIME_DIR among all instances of this sandbox 49 | shared_runtime_dir(name), 50 | # Access to display servers, hardware acceleration, and audio 51 | host_access({ 52 | "dev": { 53 | ("dri", "snd"): Access.Device, 54 | }, 55 | XDG_RUNTIME_DIR: { 56 | (os.environ["WAYLAND_DISPLAY"], "pulse"): Access.Read, 57 | }, 58 | }), 59 | X11(), 60 | # Access to some key user configuration. 61 | # We set GSETTINGS_BACKEND to make GTK3 apps use the config file in ~/.config/glib-2.0. 62 | # (The "right" solution here is probably the settings portal...) 63 | home_access({ 64 | (".config/fontconfig", ".config/glib-2.0", ".XCompose", ".local/share/applications"): Access.Read, 65 | }), 66 | bwrap_flags("--setenv", "GSETTINGS_BACKEND", "keyfile"), 67 | # Access to basic d-bus services (that are hopefully safe to expose...) 68 | dbus_proxy_flags( 69 | "--call=org.kde.StatusNotifierWatcher=@/StatusNotifierWatcher", 70 | "--call=org.freedesktop.Notifications=@/org/freedesktop/Notifications", 71 | "--call=org.freedesktop.ScreenSaver=@/org/freedesktop/ScreenSaver", 72 | "--call=org.freedesktop.ScreenSaver=@/ScreenSaver", 73 | "--talk=org.freedesktop.portal.*", 74 | ), 75 | # Make it possible to open websites in Firefox 76 | home_access({ ".mozilla/firefox/profiles.ini": Access.Read }), 77 | dbus_proxy_flags("--call=org.mozilla.firefox.*=@/org/mozilla/firefox/Remote"), 78 | ) 79 | --------------------------------------------------------------------------------