Pidgin exposes everything through its D-Bus service

Originally created by @anonym on #14612 (Redmine)

See e.g.: https://developer.pidgin.im/wiki/DbusHowto

So Tor Browser can totally sniff your buddy list and send your friends creepy messages.

Disabling this interface some how would solve this, but we’re gonna use it in Tails Server’s client application, to automate account creation, joining the right chat, etc. intrigeri tells me we could do D-Bus mediation with AppArmor once Linux 4.16 is available to us (unless it’s delayed) which sounds ideal.

Feature Branch: bugfix/14612-deny-access-to-pidgin-dbus-service

Related issues

Blocks #13234 (closed)

Edited May 15, 2020 by anonym

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information