[apparmor] Fwd: Native file choosers in Gtk+

[intrigeri]

Hi,

FYI, here's interesting progress on the "security by designation"
front (letting the user explicitly tell the security framework what
they want to do ⇒ what resources the application they're using shall
have access to) in GTK+:

--- Begin Message ---

Recently I have been working on support for a filechooser portal for sandboxed
applications (in xdg-app). The way these work is that the application triggers
a file chooser, then the actual user interaction happens outside the sandbox,
and the application only recieves the file data after the user finished the
interaction.

Ideally something like this would be completely hidden by the toolkit, and the
application would just use the regular file chooser APIs. However, the Gtk+
filechooser APIs expose too much details about the file chooser dialog, which
means it has to be a regular in-process widget. Unfortunately this means we
can't replace it by an out-of-process dialog.

What we need is a Gtk+ API for the file chooser that hides the details of how
the dialog works. At this point I realized that this is something that has
been requested a lot in a different context. Such an API would allow us to
plug in platform-native file chooser dialogs.

So, I got to work, and today I landed support for native Windows file choosers
in Gtk:

[![win32 file chooser in gtk](https://blogs.gnome.org/alexl/files/2015/11/scre
enshot.png)](https://blogs.gnome.org/alexl/files/2015/11/screenshot.png)We
will also look at implementing an OSX version of this to ensure that the APIs
work for the common cases.

Now that we have this people can start porting their applications (which is
quite trivial in the common case, as the APIs is very similar to the old
APIs). And once the apps are ported they will automatically get support for
the filechooser portal to make them work in a sandboxed environment.

So, anyone maintaining a Gtk 3 application that want to work better on other
platforms, or when sandboxed should take a look at the new
GtkFileChooserNative API. Right now it only exists in git, but once there is a
new release it should show up in the [API
docs](https://developer.gnome.org/gtk3/unstable/).



URL: https://blogs.gnome.org/alexl/2015/11/05/native-file-choosers-in-gtk/

--- End Message ---

-- 
intrigeri

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor