Move linux memory isolations behind env variable (#10525)

This commit is contained in:
Bernd Schoolmann 2024-08-19 14:11:26 +02:00 committed by GitHub
parent e3d9804b5f
commit 5527ffb89c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 9 additions and 7 deletions

View File

@ -120,13 +120,15 @@ export class WindowMain {
} }
} }
this.logService.info( // this currently breaks the file portal, so should only be used when
"Disabling external memory dumps & debugger access in main process", // no files are needed but security requirements are super high https://github.com/flatpak/xdg-desktop-portal/issues/785
); if (process.env.EXPERIMENTAL_PREVENT_DEBUGGER_MEMORY_ACCESS === "true") {
this.logService.info("Disabling memory dumps in main process");
try { try {
await processisolations.disableMemoryAccess(); await processisolations.disableMemoryAccess();
} catch (e) { } catch (e) {
this.logService.error("Failed to disable memory access", e); this.logService.error("Failed to disable memory dumps", e);
}
} }
} }