Announcement

Collapse
No announcement yet.

Building Your Own XDG-App Packages For GNOME App Sandboxing

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Building Your Own XDG-App Packages For GNOME App Sandboxing

    Phoronix: Building Your Own XDG-App Packages For GNOME App Sandboxing

    XDG-App is the GNOME-backed design for sandboxed applications to allow third-party applications to better work across multiple distributions and for running applications with minimal access to the host...

    http://www.phoronix.com/scan.php?pag...XDG-Apps-Guide

  • #2
    Originally posted by Griffin View Post
    Best part is how easy it is to use xdg-apps in gnome-software. This is by far the most advanced linux software center combined with a very solid sandboxing mechanism. You dont get quality like this by luck. This takes talent and dedication. The Gnome developers sure nailed it.
    Agree.
    Michael Larabel
    https://www.michaellarabel.com/

    Comment


    • #3
      Originally posted by Griffin View Post
      Best part is how easy it is to use xdg-apps in gnome-software. This is by far the most advanced linux software center combined with a very solid sandboxing mechanism. You dont get quality like this by luck. This takes talent and dedication. The Gnome developers sure nailed it.
      some nice rose tinted glasses you got there

      Comment


      • #4
        Can that sandbox regular X applications? Ubuntu will sandbox X applications in Unity 8 through LXC containers I believe.

        Comment


        • #5
          Originally posted by Cerberus View Post
          Can that sandbox regular X applications?
          Not sure if you can actually sandbox an X application fully, that was one reason for design of Wayland.

          Comment


          • #6
            Originally posted by Cerberus View Post
            Can that sandbox regular X applications? Ubuntu will sandbox X applications in Unity 8 through LXC containers I believe.
            The connection to the X11 server will still be open, but apart from that yes.
            Got any link on the LXC sandboxing in Ubuntu?

            Comment


            • #7
              Originally posted by jonnor View Post
              The connection to the X11 server will still be open, but apart from that yes.
              Got any link on the LXC sandboxing in Ubuntu?
              It's called Libertine and it spawns one X11 server per application running in the container; you can even go as far as separate containers for each application. You can't really make old-fashioned legacy X11-based desktop apps more secure while still keeping them useful (or even runnable) but you can contain their insecurities and certainly sandbox them away from your valuable assets.
              Last edited by bregma; 21 February 2016, 07:15 PM.

              Comment


              • #8
                Originally posted by jonnor View Post

                The connection to the X11 server will still be open, but apart from that yes.
                Got any link on the LXC sandboxing in Ubuntu?
                http://news.softpedia.com/news/ubunt...s-486695.shtml

                You can find more on Google and Launchpad. Search for Puritine and Libertine, those are libraries used for it I believe. We will probably see that demonstrated on Ubuntu tablet which will run X applications.

                Comment


                • #9
                  Originally posted by Griffin View Post
                  Best part is how easy it is to use xdg-apps in gnome-software. This is by far the most advanced linux software center combined with a very solid sandboxing mechanism. You dont get quality like this by luck. This takes talent and dedication. The Gnome developers sure nailed it.
                  cant agree more. this is the right step in the right direction to bring the linux desktop forward.

                  Comment


                  • #10
                    Sounds like this is going to be by far the easiest way to distribute 3rd party desktop apps for Linux, especially useful if your source is on GitHub or similar.

                    Totally going to have to test it out on a desktop service+app I'm writing.

                    Comment

                    Working...
                    X