Re: Application Installation & Distribution
- From: Lennart Poettering <lennart poettering net>
- To: Allan Day <allanpday gmail com>
- Cc: gnome-os-list gnome org
- Subject: Re: Application Installation & Distribution
- Date: Wed, 10 Oct 2012 01:01:32 +0200
On Fri, 05.10.12 15:01, Allan Day (allanpday gmail com) wrote:
> * Sandboxing is important from a security and a trust point of view.
> Applications should not be able to undermine or corrupt the core
> OS, and we need a better way for unresponsive applications to be
> detected and dealt with [1]. Applications should declare which data
> and services (eg. location services, local storage) they want to
> access. These should be visible when a user installs an application,
> and there should be a place where users can review and potentially
> revoke applications' permissions.
>
> * Online account access [2] can also be considered within the realm
> of sandboxing. There are a few questions here. One is whether 3rd
> party applications should be able to use online accounts that have
> been set up using GOA. If they are, then we might want to include
> these in per-application permissions.
>
> * Defined integration points: we should take this opportunity to
> specify how applications integrate with the system. They should be
> restricted to a single application launcher and be required to provide
> an app icon of a certain size, for example. They should also be
> required to follow the XDG naming spec, and we could also take this
> opportunity to better define things like search and notification
> integration.
>
> * We have yet to design a common sharing framework for GNOME [3], but
> it is something that we would like and is another integration point
> that we may want to define. I know that Colin is conscious of the
> security implications of allowing applications to pass data between
> one another, particularly in light of sandboxing. I guess that we need
> to discuss this further.
All of the four issues above I think are different sides of the same
medal: we need something like the intents logic that Android has:
i.e. minimalized integration points that double as user-controlled
security transition points. (see my other mail regarding this)
Lennart
--
Lennart Poettering - Red Hat, Inc.
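The mechanism the thread circles around (applications declare the data and services they want, the user sees that set at install time, can review and revoke it later, and every access, sharing included, passes through one mediated integration point) can be sketched in a few dozen lines. The following is an added illustration written for this archive page; it is not GNOME code and not part of either message. The class names (Manifest, PermissionStore, Broker), the permission strings, the app ids and the sample service data are all assumptions of the example.

```python
"""Toy model of declared per-application permissions mediated by a broker.

Added illustration, not GNOME code.  Every name and permission string below
is an assumption of this example, not an interface the thread defines.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Manifest:
    """What an application declares; the declared set is what the user sees at install."""
    app_id: str
    declared: frozenset


class PermissionStore:
    """User-controlled record of what each installed app may currently use."""

    def __init__(self):
        self._manifests = {}
        self._granted = {}

    def install(self, manifest):
        # Everything declared starts granted; the sorted list is what install shows.
        self._manifests[manifest.app_id] = manifest
        self._granted[manifest.app_id] = set(manifest.declared)
        return sorted(manifest.declared)

    def review(self, app_id):
        """The review page: each declared permission and whether it is still granted."""
        declared = self._manifests[app_id].declared
        return {p: p in self._granted[app_id] for p in sorted(declared)}

    def revoke(self, app_id, perm):
        self._granted[app_id].discard(perm)

    def regrant(self, app_id, perm):
        # Only something the app declared can ever be granted; nothing else exists for it.
        if perm not in self._manifests[app_id].declared:
            raise ValueError(f"{app_id} never declared {perm}")
        self._granted[app_id].add(perm)

    def allowed(self, app_id, perm):
        return perm in self._granted.get(app_id, ())


class Broker:
    """The single integration point: apps get data from here, never from each other."""

    def __init__(self, store, services):
        self._store = store
        self._services = services   # permission name -> callable returning the data
        self.audit = []             # (app, permission, decision) for later review

    def request(self, app_id, perm):
        ok = self._store.allowed(app_id, perm)
        self.audit.append((app_id, perm, "allow" if ok else "deny"))
        if not ok:
            raise PermissionError(f"{app_id} may not use {perm}")
        return self._services[perm]()

    def share(self, src_app, dst_app, payload):
        """Sharing is itself a transition point: both ends need the share permission."""
        for app in (src_app, dst_app):
            if not self._store.allowed(app, "share"):
                self.audit.append((app, "share", "deny"))
                raise PermissionError(f"{app} may not share")
        self.audit.append((src_app, "share", "allow"))
        return (dst_app, payload)


def demo():
    """Install, use, revoke, re-check, share; returns the outcomes as a dict."""
    store = PermissionStore()
    # Constructed sample backends standing in for location and online-account services.
    services = {
        "location": lambda: (48.8566, 2.3522),
        "online-accounts": lambda: ["alice@example.org"],
    }
    broker = Broker(store, services)
    shown = store.install(Manifest("org.example.Maps", frozenset({"location", "share"})))
    store.install(Manifest("org.example.Notes", frozenset({"share"})))

    first = broker.request("org.example.Maps", "location")
    store.revoke("org.example.Maps", "location")
    try:
        broker.request("org.example.Maps", "location")
        after_revoke = "allowed"
    except PermissionError:
        after_revoke = "denied"

    # Notes never declared online-accounts, so the user cannot grant it either.
    try:
        store.regrant("org.example.Notes", "online-accounts")
        undeclared = "granted"
    except ValueError:
        undeclared = "rejected"

    shared = broker.share("org.example.Maps", "org.example.Notes", "POI list")
    return {
        "shown_at_install": shown,
        "first": first,
        "after_revoke": after_revoke,
        "review": store.review("org.example.Maps"),
        "undeclared": undeclared,
        "shared": shared,
        "audit": broker.audit,
    }


if __name__ == "__main__":
    print(demo())
```

The two points worth noticing are that revocation takes effect at the next request because the decision is made at the broker rather than cached in the application, and that an undeclared permission is not merely denied but cannot be granted at all, so the install-time list is the complete set the user ever has to reason about.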