Re: How do we store/install apps?



On Tue, Oct 21, 2014, at 07:38 AM, Lennart Poettering wrote:

> Yes. Correctly. The hash-tree stuff, that is verified on access.

That's actually very cool if it was directly in the FS - it has the
potential to be a lot more efficient and dynamic.  Does it really exist
yet or just planned?  All I can see of this is:

http://comments.gmane.org/gmane.comp.file-systems.btrfs/34667

> Well, I disagree. In today's world you want the fully verifiable
> OS. You want it in the data center, you want it on end user
> devices. This is what ChromeOS does, and is what we are seeing is
> being done for CoreOS, for Android, for iOS and MacOS too.

That's true - while core Android can use dm-verity now, there are some
highly privileged applications like the Google Play engine that if
compromised on disk would be nearly equivalent to total device
compromise.  I don't think that's on the dm-verity pool.

IMA tries to do this but it's pretty gross.

> Well, the "framework" concept I suggested should really include gcc,
> gdb, strace and all those things. It should be the real deal, that
> allows you to develop stuff.

I think the reality is that the packaging model won because you really
do start to want unions.  GNOME's sdk could include strace and gdb,
sure...but what do you do when you need to debug the interpreter of your
Python/Ruby/whatever web app?  And for that matter, 

Even then, the set of all profiling/debugging tools is so varied; e.g.
does the SDK include /usr/bin/perf (incidentally an app that actually
comes with the kernel...)


