On Sat, 2020-09-19 at 07:55 -0400, Kelly Price wrote: > The question I have is... how strong is the Flatpak sandbox?
Flatpak's sandbox is as strong as you set it up to be, stronger using Wayland than X11, stronger when there's no network access, stronger when there's no direct file access, etc. And it uses the same kernel technology as docker, and plenty of other container software. > Will it > allow such a deal? I don't understand what that means. > On Sat, Sep 19, 2020 at 7:42 AM Alexander Pevzner <[email protected]> > wrote: > > > > On 9/19/20 12:25 PM, Bastien Nocera wrote: > > > Sealed memfds, passed via D-Bus, that's 1/2GB in all :) > > > > If D-Bus can pass an arbitrary file descriptor, it can be used to > > pass > > AF_UNIX socket, allowing usage of "network" transport without > > actual > > access to networking, and saving 1/2GB of memfs :-) > > > > -- > > > > Wishes, Alexander Pevzner ([email protected]) > > > >
