On Sat, 2015-11-21 at 23:34 +0100, Michal Suchanek wrote: > On 20 November 2015 at 22:01, Jasper St. Pierre <[email protected] > t> wrote: > > Currently, the security model of Linux systems is "distro verifies > > security and adds to their own repo", with, of course, the step of > > "user trusts distro". > > > > The security model of Batis seems to be "user trusts application > > developer" > > > > The security model of xdg-app is "user trusts the sandbox > > mechanism". > > One thing is to trust the sandboxing and another is to trust the > application to work in a sandbox reasonably well. > > If I install abiword in a sandbox I cannot edit my word files, > obviously. I have to give it access to my word files to be of any > use. > Which in present day is only accomplished by installing it on my > desktop machine directly. > > This can be solved to some extent by modification to the GTK library > so that calling the function that normally pops up file open dialog > actually calls into the sandboxing framework to import a file into > the > sandbox. And depending on the policy the file would be trashed after > the application terminates, or copied as new version, or updated > in-place.
This is getting fixed by using "Portals" in xdg-app, and is the reason why native file choosers are getting implemented in GTK+: https://blogs.gnome.org/alexl/2015/11/05/native-file-choosers-in-gtk/ > This won't work with libreoffice or firefox, unfortunately. They use > their own file open dialog and not the stock one. Both are getting ported to GTK3, so they could use the above work without much changes. _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
