Managing Device Access Permissions

Hey, i have one question.
Is it possible to limit the access to certain devices (like microphone or camera) to only the applications you want to give access to? Similar to how androids permission system works.

I didn’t anything about that online for linux. Only tutorials to completely disable devices, but i just want it to be enabled for a small amount of apps, like teamspeak.

Thanks in advance for any tipps

Hello @JohnnyKarate :wink:

The closest what you can get to the Android API is flatpak. It has this sandbox feature builtin.

For non-flatpaks you can use firejail, what uses the same sandbox features.

1 Like

Hello @megavolt,

thanks for the answer, i will look into firejail, but both of these solutions don’t seem very practical, since i wouldn’t want to install everything as a flatpak or lock behind firejail. Also this would mean these programs couldn’t make use of system libraries, if firejail is anything like flatpak, right? That also might affect gaming performance.

I just wanna be sure my mic and cam only gets used by the programs i want it to. Most of the time i have those unplugged anyway, but if i’m for example gaming and videochatting with friends, and with a lot of modern games recording voice chat, i don’t want to worry about wether the game client can still record me even tho i disabled ingame voice chat

True Android and Linux are just different. On Android everything is locked down und you need ask for permission. On Linux you can do the same, but by default there is no sandbox for each application like on Android.

No, firejail is just a sandbox tool. It uses the same system libraries. What it just do is restricting application permissions.

That can be done by configuration.

Thanks for the answer,
will definitely read up about firejail over the weekend.

Kinda wish linux would manage permissions to devices like mic similar to android tho :confused: