On Fri, Sep 07, 2012, Matthew Paul Thomas wrote:
> What kind of sandboxing, specifically, do you think would be necessary
> for hundreds of thousands of Ubuntu applications not to interfere with
> each other? It seems to me there are four possible points of contention:
> 1. package names (versus the OS archive, and versus each other)
> 2. installed files
> 3. saved documents and settings
> 4. resource use (memory, CPU, network, peripherals) while running.
Sandboxing might also involve enforcing the app / system interface; e.g. not exposing any shared libraries other than the ones an application can rely on being "always there" for a particular version of the interface. E.g. can an application rely on libgtk-x11-2.0.so.0 being there, or should it bundle it? If we encourage apps to be self-contained, we are lowering the overall security experience of the system by expecting all application developers to update a lot of embedded libraries; if we make them rely on system libraries, we're stuck with deps on them "forever".

Another constraint for sandboxing is integration between apps and integration of apps with the system. There are various levels at which we expect apps will integrate with the system, such as a notification area icon, a background service, or gadgets, but integration between apps is also important and isn't very developed in Android / iOS. Sure, there are some "Share" buttons or "Open with" intents in iOS and Android, and even Nautilus has a "Send to...", but I feel this is a very limited level of integration. Will we allow detecting the presence of another app? How do I embed this or that image viewer or music player into this or that cloud file sharing app?

Also, we want application sandboxing, but are we going to allow replacing system services in apps? Would we allow an app to act as an interactive desktop background? Are sandboxed apps always fullscreen like on Android and iOS, or may they have resizeable windows?

[ 2/ (installed files) above seems like a non-problem if we have unique app names though ]

-- 
Loïc Minier

-- 
ubuntu-devel mailing list
[email protected]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
