
Thread: GNOME Wants To Sandbox Applications Too

  1. #1
    Join Date
    Jan 2007
    Posts
    15,182

    Default GNOME Wants To Sandbox Applications Too

    Phoronix: GNOME Wants To Sandbox Applications Too

    Another item that was discussed last week in Brussels during the GNOME Developer Hackfest is sandboxing of GNOME applications. GNOME developers already decided they want applications written in JavaScript, but as another security measure they want to begin sandboxing applications...

    http://www.phoronix.com/vr.php?view=MTI5NDQ

  2. #2
    Join Date
    Sep 2007
    Posts
    331

    Lightbulb

    What has sandboxing to do with a specific desktop? Isn't that what SELinux and company are made for?

  3. #3
    Join Date
    Dec 2012
    Posts
    201

    Default

    Quote Originally Posted by oleid View Post
    What has sandboxing to do with a specific desktop? Isn't that what SELinux and company are made for?
    I don't see the point. With this model they're following the Chrome OS apps model, which is rather limiting.

    I'd prefer to see some elegant solution on the linux desktop to emulate BlackBerry's Balance (single user with work and personal space sandboxing), which could be done with LXC, I think.

  4. #4
    Join Date
    Dec 2011
    Location
    Basement
    Posts
    389

    Default yeah?

    So the gnome and systemd cabal is pushing for an IPC mechanism in the kernel. Performance, security and features are probable gains. Can this go to mainline linux? Maybe. Attempts have failed before but this time it is another story.

    Does everybody want a linux IPC to rule them all? I doubt it.

  5. #5
    Join Date
    Sep 2009
    Posts
    119

    Default

    Unlike a lot of the GNOME team's recent botched decisions, I don't actually think this is a horrible idea. I wouldn't mind seeing sandboxed apps in a desktop computing environment, if it was done without being too annoying.

  6. #6
    Join Date
    Jun 2011
    Posts
    3

    Default Yeah right...

    Given that sandboxing has worked extremely well so far everywhere else, I have complete trust that it will work this time too:
    - http://www.vupen.com/demos/VUPEN_Pwning_Chrome.php
    - http://arstechnica.com/security/2012...urity-sandbox/
    - http://www.extremetech.com/computing...a-magic-bullet
    - http://securitywatch.pcmag.com/none/...t-of-sandboxes

  7. #7
    Join Date
    Sep 2012
    Posts
    754

    Default

    Quote Originally Posted by oglueck View Post
    Totally agree, and in the same spirit, I've seen encryption broken somewhere else, so encryption is certainly worthless:
    - http://arstechnica.com/security/2012...ttps-sessions/

  8. #8
    Join Date
    Nov 2008
    Posts
    149

    Default

    In order to talk with the sandboxed app we need an IPC model that handles the domain transition between the namespaces. This implies the kernel being involved, so we have been looking (again) at getting some form of dbus routing support into the kernel. Hopefully this will work out this time.

    We also talked about implementing something similar to the Intents system in Android as a way to allow sandboxed applications to communicate without necessarily knowing about each other. This essentially becomes a DBus service which keeps a registry of which apps implement the various interfaces we want to support (e.g. file picking, get-a-photo, share photo) and actually proxies the messages for these to the right destination. We had a long discussion about the name for these and came up with the name “Portals”, reflecting the domain-transition that these calls represent.
    This sounds strikingly similar to how Android does IPC. Here is a nice document about that.
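
A minimal in-process model of the "Portals" broker described in the passage quoted in post #8, added here as an example; it is not GNOME's code and uses no real D-Bus API. The interface name, the app ids, the per-caller grant check and the `HOST_FILES` sample data are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed stand-in for files that live outside the sandbox.
HOST_FILES = {
    "/home/user/photo.jpg": b"JPEGDATA",
    "/home/user/notes.txt": b"private notes",
}


class PortalError(Exception):
    """The broker refused the request or found no provider for it."""


@dataclass
class PortalBroker:
    registry: dict = field(default_factory=dict)  # interface -> (provider, handler)
    grants: set = field(default_factory=set)      # allowed (caller, interface) pairs
    audit: list = field(default_factory=list)     # every routing decision

    def register(self, interface, provider, handler):
        self.registry[interface] = (provider, handler)

    def allow(self, caller, interface):
        self.grants.add((caller, interface))

    def call(self, caller, interface, request):
        # Callers name an interface, never the app that implements it.
        if interface not in self.registry:
            raise PortalError(f"no provider for {interface}")
        if (caller, interface) not in self.grants:
            self.audit.append((caller, interface, "denied"))
            raise PortalError(f"{caller} may not use {interface}")
        provider, handler = self.registry[interface]
        self.audit.append((caller, interface, f"routed:{provider}"))
        return handler(request)  # only the reply crosses back into the sandbox


def make_file_picker(user_choice):
    """Provider outside the sandbox; user_choice models the dialog result."""
    def handler(request):
        # Any path the caller supplies is ignored: the user picks, not the app.
        return HOST_FILES[user_choice]
    return handler


def demo():
    broker = PortalBroker()
    broker.register("example.FilePicker", "files-app",
                    make_file_picker("/home/user/photo.jpg"))
    broker.allow("sandboxed-editor", "example.FilePicker")
    request = {"path": "/home/user/notes.txt"}
    return broker, broker.call("sandboxed-editor", "example.FilePicker", request)
```

The sandboxed caller asks for a file it names itself but receives only the bytes of the file chosen on the trusted side, and every routing decision lands in the audit list.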

  9. #9
    Join Date
    Jul 2012
    Posts
    287

    Default

    Quote Originally Posted by zoomblab View Post
    This sounds strikingly similar to how Android does IPC. Here is a nice document about that.
    The text you're quoting already says the idea comes from Android.

  10. #10
    Join Date
    Feb 2013
    Posts
    1

    Thumbs down Ugh

    Ugh, I see no benefits and only downsides. It will be even slower, introduce new bugs, and provide no real security IMO. But this seems to be the trend in GNOME: let's take what works well, break it, remove any useful features, add 1000 new bugs, do tons of random pointless things, add features that are broken and useless and make it run as slow as humanly possible.


    Ok, maybe I am exaggerating a bit. I have just gotten more and more annoyed with this sort of #@*(Y&(# over the last few years.

    Hey, I got an idea: let's have all GNOME apps written in a new scripting language, let's call it Magic Gnome Script (MGS); that script is then interpreted through a runner, written in JavaScript, running inside a special GNOME app viewer, running in a virtual environment, running inside...
