Originally posted by cj.wijtmans
View Post
Announcement
Collapse
No announcement yet.
LibreOffice Is Now One Of The First Major Linux Desktop Apps With A Flatpak
Collapse
X
-
Originally posted by RahulSundaram View Post
Distro package managers have no sandboxing and they are distro specific.
Apparmor at least to my knowledge does have network permissions. Of course, it is an alternative avenue to the goal from what something like Docker does - in one direction you take the free for all permissions of Unix and try to restrict them more, in the other you isolate everything and add back in access.
You can argue semantics but either is a path to isolation.
- Likes 2
Comment
-
Originally posted by RahulSundaram View Post
Sure but Apparmor is distro specific.
I can easily see a market for Apparmor -> SELinux profile conversion so we can standardize on one MAC archive format, that software can distribute upstream and have packaged accordingly.
- Likes 2
Comment
-
Originally posted by zanny View Post
Only insofar as Red Hat doesn't make it available in their kernel. It comes stock in Suse and Ubuntu and you can get Apparmor kernels / profiles third party on Debian / Arch.
I can easily see a market for Apparmor -> SELinux profile conversion so we can standardize on one MAC archive format, that software can distribute upstream and have packaged accordingly.
Comment
-
Originally posted by zanny View Post
Only insofar as Red Hat doesn't make it available in their kernel. It comes stock in Suse and Ubuntu and you can get Apparmor kernels / profiles third party on Debian / Arch.
I can easily see a market for Apparmor -> SELinux profile conversion so we can standardize on one MAC archive format, that software can distribute upstream and have packaged accordingly.
Comment
-
Originally posted by higuita View Post
not directly flatpak, but rancherOS is a pid 1 docker, where ALL apps run inside docker containers, so each app can be isolated from the next one.
My main issue with flatpak is coming from gnome devs... i don't trust then, as i don't trust systemd, pulseaudio devs... Everytime i see something coming from oracle, redhat, apple or microsoft, i step back and try to see the bigger picture... not that everything they do is bad, but they fucked up the final user several times already to improve their business, so i don't trust then
JMO but viewing companies as discrete entities that have long lasting desires isn't, generally, a great idea unless you have some good reason to think otherwise. Individuals, on the other hand, sure, go to town.
Comment
Comment