security-context-v1: Make sandbox engine names use reverse-DNS

Specifically this also changes the well-known name for flatpak from "flatpak" to "org.flatpak". This would be a breaking change but there is no released version of flatpak yet with security-context support. Signed-off-by: Sebastian Wick <sebastian.wick@redhat.com>
2025-12-20 08:10:07 +01:00 · 2023-10-12 16:23:14 +02:00 · 2023-10-12 16:23:14 +02:00 · 999e443773
commit 999e443773
parent 479580dbe3
2 changed files with 3 additions and 2 deletions
--- a/staging/security-context/engines.md
+++ b/staging/security-context/engines.md
@ -6,7 +6,7 @@ mechanisms.

 ## [Flatpak]

-* `sandbox_engine` is always set to `flatpak`.
+* `sandbox_engine` is always set to `org.flatpak`.
 * `app_id` is the Flatpak application ID (in reverse-DNS style). It is always
  set.
 * `instance_id` is the Flatpak instance ID of the running sandbox. It is always
--- a/staging/security-context/security-context-v1.xml
+++ b/staging/security-context/security-context-v1.xml
@ -114,7 +114,8 @@

    <request name="set_sandbox_engine">
      <description summary="set the sandbox engine">
-        Attach a unique sandbox engine name to the security context.
+        Attach a unique sandbox engine name to the security context. The name
+        should follow the reverse-DNS style (e.g. "org.flatpak").

        A list of well-known engines is maintained at:
        https://gitlab.freedesktop.org/wayland/wayland-protocols/-/blob/main/staging/security-context/engines.md