Announcement

**Michael** · 21 February 2016, 01:34 PM

Originally posted by Griffin View Post

Best part is how easy it is to use xdg-apps in gnome-software. This is by far the most advanced linux software center combined with a very solid sandboxing mechanism. You dont get quality like this by luck. This takes talent and dedication. The Gnome developers sure nailed it.

Agree.

**gens** · 21 February 2016, 02:03 PM

Originally posted by Griffin View Post

Best part is how easy it is to use xdg-apps in gnome-software. This is by far the most advanced linux software center combined with a very solid sandboxing mechanism. You dont get quality like this by luck. This takes talent and dedication. The Gnome developers sure nailed it.

some nice rose tinted glasses you got there

**Cerberus** · 21 February 2016, 02:15 PM

Can that sandbox regular X applications? Ubuntu will sandbox X applications in Unity 8 through LXC containers I believe.

**littleowl** · 21 February 2016, 02:32 PM

Originally posted by Cerberus View Post

Can that sandbox regular X applications?

Not sure if you can actually sandbox an X application fully, that was one reason for design of Wayland.

**jonnor** · 21 February 2016, 04:30 PM

Originally posted by Cerberus View Post

Can that sandbox regular X applications? Ubuntu will sandbox X applications in Unity 8 through LXC containers I believe.

The connection to the X11 server will still be open, but apart from that yes.
Got any link on the LXC sandboxing in Ubuntu?

**bregma** · 21 February 2016, 04:48 PM

Originally posted by jonnor View Post

The connection to the X11 server will still be open, but apart from that yes.
Got any link on the LXC sandboxing in Ubuntu?

It's called Libertine and it spawns one X11 server per application running in the container; you can even go as far as separate containers for each application. You can't really make old-fashioned legacy X11-based desktop apps more secure while still keeping them useful (or even runnable) but you can contain their insecurities and certainly sandbox them away from your valuable assets.

**Cerberus** · 21 February 2016, 04:48 PM

Originally posted by jonnor View Post

The connection to the X11 server will still be open, but apart from that yes.
Got any link on the LXC sandboxing in Ubuntu?

http://news.softpedia.com/news/ubunt...s-486695.shtml

You can find more on Google and Launchpad. Search for Puritine and Libertine, those are libraries used for it I believe. We will probably see that demonstrated on Ubuntu tablet which will run X applications.

**mezo** · 21 February 2016, 06:32 PM

Originally posted by Griffin View Post

Best part is how easy it is to use xdg-apps in gnome-software. This is by far the most advanced linux software center combined with a very solid sandboxing mechanism. You dont get quality like this by luck. This takes talent and dedication. The Gnome developers sure nailed it.

cant agree more. this is the right step in the right direction to bring the linux desktop forward.

**mjog** · 21 February 2016, 08:32 PM

Sounds like this is going to be by far the easiest way to distribute 3rd party desktop apps for Linux, especially useful if your source is on GitHub or similar.

Totally going to have to test it out on a desktop service+app I'm writing.

Announcement

Building Your Own XDG-App Packages For GNOME App Sandboxing

Building Your Own XDG-App Packages For GNOME App Sandboxing

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment