From 5527ffb89c4fa8eb6176609ecbf468e7e9a3f1b2 Mon Sep 17 00:00:00 2001
From: Bernd Schoolmann <mail@quexten.com>
Date: Mon, 19 Aug 2024 14:11:26 +0200
Subject: [PATCH] Move linux memory isolations behind env variable (#10525)

---
 apps/desktop/src/main/window.main.ts | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/apps/desktop/src/main/window.main.ts b/apps/desktop/src/main/window.main.ts
index 77528994a4..deb370201f 100644
--- a/apps/desktop/src/main/window.main.ts
+++ b/apps/desktop/src/main/window.main.ts
@@ -120,13 +120,15 @@ export class WindowMain {
               }
             }
 
-            this.logService.info(
-              "Disabling external memory dumps & debugger access in main process",
-            );
-            try {
-              await processisolations.disableMemoryAccess();
-            } catch (e) {
-              this.logService.error("Failed to disable memory access", e);
+            // this currently breaks the file portal, so should only be used when
+            // no files are needed but security requirements are super high https://github.com/flatpak/xdg-desktop-portal/issues/785
+            if (process.env.EXPERIMENTAL_PREVENT_DEBUGGER_MEMORY_ACCESS === "true") {
+              this.logService.info("Disabling memory dumps in main process");
+              try {
+                await processisolations.disableMemoryAccess();
+              } catch (e) {
+                this.logService.error("Failed to disable memory dumps", e);
+              }
             }
           }