Comment 2 for bug 1709164

amano (jyaku) wrote:

An additional sandbox is probably rather a security win than a security risk. It would be great if that could be MIRed before feature freeze.

GDK-pixbuf, Evince and other "thumbnailer users" seem to depend on that:

To quote Bastien Nocera: "For GNOME 3.26 (and today in git master), the thumbnailer stall will be doubly bolted by a Bubblewrap sandbox and a seccomp blacklist.

This closes a whole vector of attack for the GNOME Desktop, ..."