Excellent Project; How will sandbox work with drm?

Asked by Gordon gwb 2Realms com on 2015-02-09

Hello, Pipelight,

Thank you for the excellent work. I had a question about your experimental sandbox feature. I tried it with Acorn.tv (which uses Brightcove) and as I expected it did not work. This is alluded to in your FAQ:

http://pipelight.net/cms/faqs/faq-fix-xattr-error-using-nfs-volumes.html

If the sandbox makes the exposed part of the file system read-only, then the DRM cannot be written to disk, correct? I wonder if it might work, however, if it were mounted read-write in /dev/shm/ or /dev/run/ (I think that's the same directory in Ubuntu)? Arch Linux already has a daemon which does this:

https://wiki.archlinux.org/index.php/Firefox_Ramdisk

Or, perhaps, something like jails in FreeBSD or zones in Solaris. Who knows, wine might do the same thing in one of its "bottles". But /dev/shm/ is nice because it is extremely fast and not persistent, disappearing after each reboot.

In any event, keep up the good work.

On another note, your two older archives might be falling behind in the dependencies they list for wine-staging-i386. I followed your instructions here:

https://launchpad.net/pipelight/+announcement/12266

and the apt-get dependencies errors went away with the new, single stable PPA.

Thank you for all your work.

Gordon

Question information

Language: English
Status: Answered
For: Pipelight
Assignee: No assignee
Last query: 2015-02-09
Last reply: 2015-02-20
Michael Müller (mqchael) said : #1

Hi,

sorry for the delayed answer. The sandbox itself mounts / as read-only, with one exception: the wineprefix (which is used to store the files of Windows programs) is writable. For other directories which need to be writable, like /tmp, we use a tmpfs so that they don't share the same content with the rest of the system. However, this approach did not work with all GPU drivers because the wine applications couldn't communicate via shared memory with the X server; they were limited to using the X socket.

At the time we wrote the sandbox the kernel missed some features which we had to work around with some really ugly code, and it was not 100% secure as we know now. Some things are now easier to solve, but we discontinued the idea due to lack of user interest, and there were some other parts of wine / Pipelight which needed work.

Michael
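As an added example (not Pipelight's code), here is a small Python checker that parses a `/proc/self/mountinfo` dump and verifies the three layout invariants Michael describes: `/` read-only, the wineprefix writable, and `/tmp` on a private tmpfs. The wineprefix path and the sample mountinfo lines are constructed for the example.

```python
from dataclasses import dataclass


@dataclass
class Mount:
    point: str
    fstype: str
    ro: bool  # per-mount "ro" flag (mountinfo field 6), not the superblock option


def parse_mountinfo(text: str) -> dict:
    """Parse mountinfo lines into {mount point: Mount}.

    Line layout: id parent maj:min root mountpoint opts [optional...] - fstype source superopts
    Spaces inside paths are octal-escaped (\\040), so splitting on whitespace is safe.
    """
    mounts = {}
    for line in filter(None, text.splitlines()):
        pre, _, post = line.partition(" - ")  # " - " separates the two halves
        fields = pre.split()
        point = fields[4].replace("\\040", " ")
        mounts[point] = Mount(point, post.split()[0], "ro" in fields[5].split(","))
    return mounts


def check_sandbox(mounts: dict, wineprefix: str) -> list:
    """Return the violated invariants; an empty list means the layout matches."""
    problems = []
    root = mounts.get("/")
    if root is None or not root.ro:
        problems.append("/ is not mounted read-only")
    tmp = mounts.get("/tmp")
    if tmp is None or tmp.fstype != "tmpfs":
        problems.append("/tmp is not on a private tmpfs")
    prefix = mounts.get(wineprefix)
    if prefix is None or prefix.ro:
        problems.append(f"{wineprefix} is not a writable mount")
    return problems


# Constructed sample of a sandboxed process's mountinfo (not a real capture);
# the wineprefix path is assumed, not taken from Pipelight.
WINEPREFIX = "/home/user/.wine-pipelight"
SAMPLE = """\
22 1 8:1 / / ro,relatime - ext4 /dev/sda1 rw,errors=remount-ro
23 22 0:20 / /tmp rw,nosuid,nodev - tmpfs tmpfs rw
24 22 8:1 /home/user/.wine-pipelight /home/user/.wine-pipelight rw,relatime - ext4 /dev/sda1 rw
"""

if __name__ == "__main__":
    print(check_sandbox(parse_mountinfo(SAMPLE), WINEPREFIX) or ["sandbox layout ok"])
```

Run it from inside the sandboxed process with the contents of `/proc/self/mountinfo` in place of `SAMPLE` to confirm the mount namespace actually delivers the layout the sandbox intends.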
