Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update mimetype handling for Debian Stretch #158

Closed
conorsch opened this issue Oct 4, 2018 · 4 comments
Closed

Update mimetype handling for Debian Stretch #158

conorsch opened this issue Oct 4, 2018 · 4 comments

Comments

@conorsch
Copy link
Contributor

conorsch commented Oct 4, 2018

The submission handling logic relies on custom mimetype associations in order to ensure that submissions are never opened in the sd-svs AppVM (where the SecureDrop Client runs), but rather opens in a network-less DispVM. Once inside the DispVM, mimetypes are also important: the proper application must be selected to ensure a positive user experience. For example, we want to ensure that plaintext submission are opened in gedit, not nano or vim.

Use of xdg-open should be sufficient to ensure proper handling of mimetypes, but some additional dependencies may be required:

  • gvfs-bin and libgnomevfs2-bin (to ensure xdg-mime operates correctly)
  • nautilus should be present in the sd-svs VM (but isn't included by default in the debian-9 template); we can revisit after Convert sd-journalist to sd-proxy #138 is implemented

We also want to ensure that system paths such as /usr/share/applications/mimeapps.list are not vulnerable to clobbering by upstream changes. It's also an option to declare the mimetype associations in ~/.config/mimeapps.list, but using a non-system path will complicate both packaging logic and the use of TemplateVMs (since AppVMs receive their own $HOME by default, not copied from the base TemplateVM).

See the discussion thread in #155 (comment) for reference.
@conorsch conorsch mentioned this issue Oct 13, 2018
Merged
@conorsch
Copy link
Contributor Author

While testing #160, noticed that JPG images open in a DispVM in Firefox. That's not what we want (although it does display the image). Let's force an appropriate handler for that type.

@conorsch conorsch mentioned this issue Oct 18, 2018
Merged
@eloquence
Copy link
Member

The recommended handlers for different MIME types with various caveats can be found here; see #168 for background.

@kushaldas
Copy link
Contributor

/usr/share/applications/mimeapps.list

Just now verified that on Debian Stretch that file does not exists.

How to test?

sudo apt-get install apt-file
sudo apt-file update
sudo apt-file find /usr/share/applications/mimeapps.list

I even checked this:

~$ sudo apt-file find /usr/share/applications/ | grep list
cinnamon-desktop-data: /usr/share/applications/x-cinnamon-mimeapps.list
gnome-session-common: /usr/share/applications/gnome-mimeapps.list
kde-telepathy-contact-list: /usr/share/applications/org.kde.ktpcontactlist.desktop
knowthelist: /usr/share/applications/knowthelist.desktop

@conorsch We are good to go :)

@eloquence eloquence mentioned this issue Oct 31, 2018
Closed
@conorsch
Copy link
Contributor Author

Great! Now that we have #182 tracking the package implementation, and judging by @kushaldas's findings on the lack of clobbering risk, the research task identified by this ticket is satisfied.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@eloquence @kushaldas @conorsch