Originally posted by cl333r
View Post
Announcement
Collapse
No announcement yet.
OBS Studio Now Ready With Wayland Capture Support
Collapse
X
-
Originally posted by intelfx View Post
Incorrect, portals are simply a set of new D-Bus APIs for common desktop operations, invented with containers and fine-grained access control in mind. But definitely not limited to Flatpak.Interface toolkits like GTK3 and Qt5 implement transparent support for portalsOne of Flatpak’s main goals is to increase the security of desktop systems by isolating applications from one another. This is achieved using sandboxing and means that, by default, applications tha...
Which I as a file browser dev couldn't give a flying fuck about the exact definition because what matters to me is:
1) Flatpak is not fit for an app like a file browser which I hoped to distribute as a flatpak.
2) Whatever happened to all the other systems of security inherent for a Linux (therefore unix) desktop? To me this is plenty, I don't need yet another layer of security on top of it.
Comment
-
Originally posted by cl333r View PostWhich I as a file browser dev couldn't give a flying fuck about the exact definition because what matters to me is:
1) Flatpak is not fit for an app like a file browser which I hoped to distribute as a flatpak.
2) Whatever happened to all the other systems of security inherent for a Linux (therefore unix) desktop? To me this is plenty, I don't need yet another layer of security on top of it.
Yes security standards from the 1980s-1990s when I am talking Rainbow Series so still 20 years off current.
The security inherent in Unix is not that great you are talking 1970s security here.
There is file manager on flathub.
https://github.com/flathub/org.kde.d...e.dolphin.json
So it not impossible to make a file manager application that works inside flatpak because someone else already has. Ok there are going to be limitations. Wrapping a file browser in a strict selinux profile is going to cause limitations to what the file browser can do as well(yes implementing Rainbow Series stuff in the year 2000 on Linux with selinux).
cl333r like it or not you on security stuff if you are depending on Unix class security you are horrible out of date. Containers or having to support multi "Linux Security Modules" pick your poison.
I do expect flatpak portals will need expanding in places for some special features some file managers will want.
Please also note cl333r gnome and kde are working on run everything in containers using systemd. So in time it will not matter if your application is shipped with flatpak or shipped with distribution it will have to deal with the fact it sand-boxed inside a container with the cgroups system providing limitations.Last edited by oiaohm; 01 April 2021, 10:38 AM.
- Likes 2
Comment
-
Originally posted by cl333r View PostI'm a desktop Linux user, not a cloud supervisor, does it ring a bell?
- Likes 1
Comment
-
Originally posted by cl333r View PostInterface toolkits like GTK3 and Qt5 implement transparent support for portals
Originally posted by cl333r View PostWhich I as a file browser dev couldn't give a flying fuck about the exact definition
Originally posted by cl333r View Post1) Flatpak is not fit for an app like a file browser which I hoped to distribute as a flatpak.
Originally posted by cl333r View PostWhatever happened to all the other systems of security inherent for a Linux (therefore unix) desktop? To me this is plenty, I don't need yet another layer of security on top of it.
There is the only form of security inherent to a Linux desktop: POSIX discretionary access controls, which are horribly ineffective and inadequate for a desktop.
- Likes 1
Comment
-
Originally posted by cl333r View PostI'm a desktop Linux user, not a cloud supervisor, does it ring a bell?
Thinking this is based around systemd in time we can expect "system extension images" what is basically container like flatpak where what you are seeing from the container may not be the real file system contents.
The reality is the technology that has proven itself in cloud usage is coming to the Linux Desktop to fix this historic problems the Linux Desktop has had.
Problems that will be Solved by containerising the desktop.
1) Lack of ability to kill applications correctly. Incorrect kill of a application results in a application that will not restart because part of it is still running.
2) Lack of ability to run background desktop tasks at the correct times.
3) Lack of ability to properly give higher priority to the application with current active window.
4) Lack of something like window SXS
Yes writing a file manager for windows if you are not using the right APIs you can see files that are virtual that comes from the windows application backwards compatibility parts.
The reality if you are file manager developer on Linux you are going to have to get use to dealing with containers going forwards unless you are willing to ignore all the Gnome and KDE users. The problems flatpak puts in way are the future problems that you will hit with KDE/Gnome desktops if you don't deal with them now.
Sorry I'm a desktop Linux user arguement does not cut it. Many people working on Linux Desktops are cloud supervisors so need proper security and application control in a desktop as well.
- Likes 1
Comment
-
Originally posted by oiaohm View Post
Gnome and KDE are implementing containers because desktop users really do need more control than posix/unix level security can provide.
Jesus.
Comment
Comment