Re: Playing around with ostree for apps



On Tue, Oct 14, 2014, at 07:05 AM, Alexander Larsson wrote:
> So, I updated gnome-sdk (https://github.com/alexlarsson/gnome-sdk/) to
> use ostree to store and fetch apps.
>
> For instance, if you build latest gnome-sdk you can:
>
> gnome-sdk-repo add-remote alexl https://people.gnome.org/~alexl/repo/
> gnome-sdk-repo install-runtime alexl org.gnome.Platform 3.14
> gnome-sdk-repo install alexl org.gnome.GEdit
> gnome-sdk-run org.gnome.GEdit gedit

I'm trying to clone this, but the repository needs to be on some HTTP
server with KeepAlive on at least =)

Can you request access to build.gnome.org?

> Checking out means hardlinking to the repo, so any files
> shared between modules are shared (via the hard links) both on disk and
> in page cache.

But not between users.  Which is going to matter a lot in some
scenarios.

I think I agree with Lennart here in that the default architecture
should use polkit and talk to the system.  That doesn't mean that we
couldn't also support per-user apps.

Things get really interesting of course if we're really thinking about
production because

> There are some issues:
>
> * We don't clean up old versions on update yet

ostree prune --repo=repo --refs-only --depth=0

is what "ostree admin upgrade" uses.

> * Ownership of files is problematic.

This issue goes away if apps are stored as branches in the system repo. 
On the other hand - again stuff like setuid.  You said you filter them
while running, but I'm not sure that's good enough; I'd say we really
don't want potential privilege escalation binaries lying around at all.

Think about the workstation case where the desktop shell + terminal is
running as "un-sandboxed non-root" (i.e. the desktop default today), but
I don't have root access.  If I can pull down a sandboxed app but it can
drop a setuid binary down, then I can become root by executing it from
the desktop shell (outside of the app).

Say I create a guest account for someone else to use my laptop, or a
server hosting desktop remote displays.
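
Added example (not part of the original message, and not ostree or gnome-sdk code): a read-only Python audit of a repo or checkout tree for the setuid/setgid files discussed above. Because checkouts are hard links into the repo, the mode bits live on the shared inode, so the script groups findings by inode to list every path that exposes the same file; the function names are hypothetical.

```python
# Added example: helper names are hypothetical, not an ostree API.
import os
import stat
import sys
from collections import defaultdict


def privileged_bits(mode):
    """Return 'setuid', 'setgid' or 'setuid+setgid' for a regular file's
    mode, or None if it carries neither bit (or is not a regular file)."""
    if not stat.S_ISREG(mode):
        return None  # on a directory setgid only means group inheritance
    names = [name for bit, name in ((stat.S_ISUID, "setuid"),
                                    (stat.S_ISGID, "setgid")) if mode & bit]
    return "+".join(names) or None


def audit_tree(root):
    """Walk root without following symlinks and return
    {(st_dev, st_ino): {"bits": str, "uid": int, "paths": [str, ...]}}.
    Hard links to one object share an inode and therefore its mode bits,
    so one entry lists every path through which the file is reachable."""
    found = defaultdict(lambda: {"bits": None, "uid": None, "paths": []})
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue  # file vanished or is unreadable; skip it
            bits = privileged_bits(st.st_mode)
            if bits is None:
                continue
            entry = found[(st.st_dev, st.st_ino)]
            entry["bits"], entry["uid"] = bits, st.st_uid
            entry["paths"].append(path)
    for entry in found.values():
        entry["paths"].sort()
    return dict(found)


if __name__ == "__main__" and len(sys.argv) > 1:
    # Usage: python audit.py <repo-or-checkout-directory>
    for (_dev, ino), e in audit_tree(sys.argv[1]).items():
        print(f"{e['bits']} uid={e['uid']} inode={ino}: "
              + ", ".join(e["paths"]))
```

A finding owned by uid 0 is the case described above: a file that any local user outside the sandbox could execute to gain root.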

