Re: Notes about GNOME OS sandboxing discussion

From: Colin Walters <walters verbum org>
To: Lennart Poettering <lennart poettering net>
Cc: gnome-os-list gnome org, Stef Walter <stefw gnome org>
Subject: Re: Notes about GNOME OS sandboxing discussion
Date: Thu, 25 Oct 2012 20:01:11 -0400

On Wed, 2012-10-10 at 00:58 +0200, Lennart Poettering wrote:

> IIUC on windows the contracts are actually really the only way how apps
> can communicate with the outside. Maybe being that drastic is not the
> right approach for us on desktops, but being this strict has some appeal
> to me...

So it turns out Windows 8 did introduce an Intents/Contracts type system
for *Metro* style apps:

http://arstechnica.com/features/2012/10/windows-8-and-winrt-everything-old-is-new-again/7/

Metro-style apps can talk to each other via contracts, and are
sandboxed.  But note there's no ability (at present) for non-Metro apps
to implement contracts.  Which probably makes sense...otherwise you have
a sandboxed app passing data to a non-sandboxed app, which greatly
increases risk.

Any discussion of this though is really predicated on a useful
sandboxing mechanism and design.  If we're talking about native code,
it's quite hard.

References:
- Notes about GNOME OS sandboxing discussion
  - From: Stef Walter
- Re: Notes about GNOME OS sandboxing discussion
  - From: Lennart Poettering

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]