Attached is a snapcraft.yaml file that can be used to build an exploit snap. With it built and installed, we can see that recording is initially blocked:
$ record-exploit.parecord /tmp/foo.wav Stream error: Access denied
But if we disable the security policy first, we can record:
$ record-exploit.disable-security $ record-exploit.parecord /tmp/foo.wav ^C
The snap also exposes a "record-exploit.pactl" command to help demonstrate what is possible from within confinement.
Attached is a snapcraft.yaml file that can be used to build an exploit snap. With it built and installed, we can see that recording is initially blocked:
$ record- exploit. parecord /tmp/foo.wav
Stream error: Access denied
But if we disable the security policy first, we can record:
$ record- exploit. disable- security exploit. parecord /tmp/foo.wav
$ record-
^C
The snap also exposes a "record- exploit. pactl" command to help demonstrate what is possible from within confinement.