Comment 1 for bug 1877102

James Henstridge (jamesh) wrote :

Attached is a snapcraft.yaml file that can be used to build an exploit snap. With it built and installed, we can see that recording is initially blocked:

    $ record-exploit.parecord /tmp/foo.wav
    Stream error: Access denied

But if we disable the security policy first, we can record:

    $ record-exploit.disable-security
    $ record-exploit.parecord /tmp/foo.wav
    ^C

The snap also exposes a "record-exploit.pactl" command to help demonstrate what is possible from within confinement.