Comment 2 for bug 1709164

amano (jyaku) wrote :

An additional sandbox is probably rather a security win than a security risk. It would be great if that could be MIRed before feature freeze.

GDK-pixbuf, Evince and other "thumbnailer users" seem to depend on that: http://www.hadess.net/2017/07/security-for-security-gods-sandboxing.html

To quote Bastien Nocera: " For GNOME 3.26 (and today in git master), the thumbnailer stall will be doubly bolted by a Bubblewrap sandbox and a seccomp blacklist.

This closes a whole vector of attack for the GNOME Desktop,..."