A GNOME Security Feature is About to Go Down!

Windows Articles

How to enable and disable SMB1/SMB2 in Windows 10

Hello! Windows 10 is an operating system that integrates various protocols to ensure its use with internal and external processes. Indeed, one...

Install Wine 5 on Debian 10

Hi, folks. In this post, I will help you install Wine 5 on Debian 10. Wine is one of...

Is ReactOS a real alternative to Windows?

Oh! The eternal struggle of computer operating systems. Windows vs. GNU/Linux and Mac as a distant spectator However, there are also interesting...

How to install Firebird on Ubuntu 20.04/ 18.04?

Database management systems are sufficient for many kinds of projects. Of course, they abound with MySQL / MariaDB or PostgreSQL popular but...

How to disable Firewall in Windows Server 2019/2016

Hello! The Firewall performs an essential security task on any version of Windows Server. In fact, it has the mission of preventing...

If you’re a Linux user, you obviously know the name of GNOME – one of the most popular desktop environments of all. Over the period of time, it found its way in all the major Linux distros – Ubuntu, Linux Mint, Debian, CentOS and a lot more. GNOME also went through a long process for upgrades and modifications. Now, Ubuntu and CentOS (current versions) are disabling a security feature of GNOME. This security feature was introduced back in 2017.

The name of the feature is Bubblewrap. This is a sandbox environment that provides the secure GNOME thumbnail parsers with the release of GNOME 3.26.

Bubblewrap – protection to the thumbnailing

Thumbnails are the little icons that sit next to each of the files and folders/directories to give you a slight idea what you can expect inside it. The little icons are actually pretty useful and some of the thumbnails are now the synonyms of different popular software.

Each time you navigate through a file or folder/directory, the system generates thumbnails. This process is performed automatically by thumbnail parsers – scripts that create the icon.

In recent years, security researchers identified that thumbnail parsers can also act as an attack vector when a hacker can trick a user into downloading a trap file on their desktop. The thumbnail parser then executes the malicious code.

This is the reason why GNOME Project added the Bubblewrap feature for the thumbnail parser scripts in GNOME.

Bubblewrapper missing!

According to a German journalist and security researcher Hanno Boeck, Ubuntu is currently disabling the Bubblewrap support inside their GNOME shell environment for all the recent OS versions.

According to Google security researcher Tavis Ormandy, the Bubblewrap sandboxes were also not present in the default CentOS 7.x version.

However, Ubuntu has a valid and reasonable explanation for the behavior.  Alex Murray, Ubuntu Security Tech Lead at Canonical described that Ubuntu team opted to disable the feature because they didn’t have enough time and resource to audit the Bubblewrap feature.

According to Murray, Bubblewrap is relatively a new piece of software that performs complicated things to set up those sandboxes. They didn’t want to enable the feature because even if there’s any possible vulnerability in the process itself, then it may cause major disasters.

Murray also said that criticizes are valid. However, for making sure to provide a high-quality distro, every single package has to undergo through a thorough review process and that takes time. He also assured that the feature is most likely to get to the mainstream.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to enable and disable SMB1/SMB2 in Windows 10

Hello! Windows 10 is an operating system that integrates various protocols to ensure its use with internal and external processes. Indeed, one...

Install Wine 5 on Debian 10

Hi, folks. In this post, I will help you install Wine 5 on Debian 10. Wine is one of...

Is ReactOS a real alternative to Windows?

Oh! The eternal struggle of computer operating systems. Windows vs. GNU/Linux and Mac as a distant spectator However, there are also interesting...

How to install Firebird on Ubuntu 20.04/ 18.04?

Database management systems are sufficient for many kinds of projects. Of course, they abound with MySQL / MariaDB or PostgreSQL popular but...

How to disable Firewall in Windows Server 2019/2016

Hello! The Firewall performs an essential security task on any version of Windows Server. In fact, it has the mission of preventing...