Hi Jasper, On Wed, Jun 24, 2015, at 10:23 AM, Jasper St. Pierre wrote: > Both of these are really cool and convenient for system updates. > xdg-app is simply using OSTree for its first bit, the repo bit. > xdg-app has its own deploy stage.
So it sounds like an application publisher would use OSTree to host releases, and the user uses a custom xdg-app mechanism to fetch and install it. This would be independent of current distro package formats. Is that right? > > - Would an application developer host their own packages, or is it still > > a centralised model like distro packaging? If it's centralised but > > cross-distribution, who would run the repository? > > You could run it either way. The vision here is definitely that the > app developers publish their own official builds. But Fedora might > want a central repo for all the packages in its distro. > > So, I don't know, it remains to be seen. We're simply building the > tools here. Distro politics come after. :) Right, but how you design the tools depends on how you expect them to be used. I'm happy to hear that the vision is for app developers to publish their own builds: I don't think centralised gate-keeping scales well enough, unless you have the kind of resources Google or Apple have to run it. > When the app is deployed, its manifest of permissions is checked to > determine what should be mounted in the sandbox. This manifest can be > edited by a user at any time. Note, however, that if the app isn't > coded for these failure cases (it was simply using a standard Linux > API), it might crash outright. I'm still a bit unclear on what the trust model is - would the user be clearly shown the permissions manifest in an understandable format before they use the application, so they could see if it was trying to do anything sneaky? Or is the idea that you trust the app author, and permissions are a way to limit the impact on the system if there's a security bug in that app? Again, it's the vision I'm interested in - I understand that it's early days for the project and this kind of user-visible stuff might be some way off. But it's good to know what it's driving towards. Thanks, Thomas _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
