On Mon, Sep 20, 2021 at 08:50:45AM -0400, Elsie Hupp wrote: > > The way you describe it, it would be OK for any app to just parse the > > config of any other. That just feels wrong, because app A should have no > > business snooping in /etc/xdg/B/Brc. If app B wants to make such > > information available to others it should export it instead of requiring > > those to parse the file. > > To be fair, this is one of the motivations behind Flatpak and Snap. If you > don’t want one app snooping where it shouldn’t, then you make it technically > unable to do so.
Yes, and then there is XDG which expects exactly that, which then leads to other hacks to soften the isolation of said containers, or the inclusion of files which the go out of sync and out of date compared to what is in the real /etc. If I need hard sandboxing to stop such behaviour, then there is a serious bug in the spec. ;) Best, PW P.S.: Please do not attach the whole history.