Pidgin exposes everything through its D-Bus service

See e.g.: https://developer.pidgin.im/wiki/DbusHowto

So Tor Browser can totally sniff your buddy list and send your friends creepy messages.

Disabling this interface some how would solve this, but we’re gonna use it in Tails Server’s client application, to automate account creation, joining the right chat, etc. intrigeri tells me we could do D-Bus mediation with AppArmor once Linux 4.16 is available to us (unless it’s delayed) which sounds ideal.

Feature Branch: bugfix/14612-deny-access-to-pidgin-dbus-service

Related issues

Blocks #13234 (closed)

Original created by @anonym on 14612 (Redmine)

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information