-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: Add com.todesk.ToDesk #5109
base: new-pr
Are you sure you want to change the base?
Conversation
Signed-off-by: Chen Yuanrun <chen-yuanrun@foxmail.com>
bot, build com.todesk.ToDesk |
Queued test build for com.todesk.ToDesk. |
Started test build 111058 |
Build 111058 successful
|
- --share=ipc | ||
- --socket=x11 | ||
- --socket=pulseaudio | ||
- --own-name=com.todesk.toc.ui |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why don't you submit using this ID? If that's what they use internally.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I do not think com.todesk.toc.ui is a good id for ToDesk, it is more like a internal implemention detail choosen by todesk.com and may be changed in the future if the implemention changes. ToDesk is the product name for this app from todesk.com, I think com.todesk.ToDesk is better and more stable than com.todesk.toc.ui.
todesk.sh
Outdated
export LIBVA_DRIVERS_PATH="$APP_HOME/todesk/bin" | ||
|
||
"$APP_HOME/todesk/bin/ToDesk_Service" & | ||
exec "$APP_HOME/todesk/bin/ToDesk" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why would this run out of XDG_DATA_HOME
? Why do you copy things there? This feel like installing malware.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ToDesk will create config files along with the binary files, so it must be run in a writable direcotry. All these files is come from todesk.com, and the app is still run inside the flatpak sandbox, so I think it is safe.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
so I think it is safe.
I beg to differ.
I trace the syscall of ToDesk_Service and it show that ToDesk_Service will create config files in the upper directory of the executable file:
That is the reason that I need to copy the binary files to a writable direcotry, and even Steam do the same thing while you first start it or install games from the store. Could I know what your security concerns are here? Do you have any suggestions about this? @bbhtt |
Signed-off-by: Chen Yuanrun <chen-yuanrun@foxmail.com>
bot, build com.todesk.ToDesk |
Queued test build for com.todesk.ToDesk. |
Started test build 112198 |
Build 112198 successful
|
Two wrongs don't make a right. |
I'll report it to the upstream and wait for them to fix it. |
No other than the app should be fixed, it's a poor solution. |
Signed-off-by: Chen Yuanrun <chen-yuanrun@foxmail.com>
@hfiguiere @bbhtt I have added a preload library to cheat the app for it's executable path, and it work now without coping all the files to XDG_DATA_HOME, can you review this again? |
bot, build com.todesk.ToDesk |
Queued test build for com.todesk.ToDesk. |
Started test build 112412 |
Build 112412 successful
|
Signed-off-by: Chen Yuanrun <chen-yuanrun@foxmail.com>
bot, build com.todesk.ToDesk |
Queued test build for com.todesk.ToDesk. |
Started test build 112682 |
Personally I would've preferred to not have a C library live in Flathub repo and wait for upstream. But none are very ideal solutions in this situation. |
Build 112682 successful
|
Seriously. A remote control software, that is supposed to be secure, that needs to be in a r/w location to run. What other basic security violation do they do we can't see since it's proprietary? Very suspicious. So many red flags. |
I quite agree with you. ToDesk need a service call ToDesk_Service to run in background, and it is this process that needs to create the configuration file. In a traditional deployment (deb or rpm), ToDesk_Service run as root (as a systemd service) and have the permission to create the configuration file anywhere it want. This is totally bad, unsafe and ugly. I need this software to connect to my company (I pay for it), I have sent a email to them and I will mark this PR as WIP until they change their behaviors, before that I will use my local build. |
ToDesk as a safe and free unlimited remote control software, through the leading network technology to build and operate their own network system, with global coverage of multi-node, multi-service, milliseconds latency application layer routing system, bringing the user like the use of local computers like the sense of experience. Support in any scenario at any time remotely connected to the company or personal off-site equipment, not only with file transfer, remote printing, remote control camera, privacy screen, security verification of confidentiality and many other features, but also to achieve the management of unattended equipment, operation and maintenance, while enterprise business personnel can be ToDesk remote support for external partners, external equipment, customer SOS services.
Please confirm your submission meets all the criteria