|First fully sandboxed Linux desktop application|
|By Thom Holwerda on 2015-02-17 21:37:27|
It's not a secret that I've been working on sandboxed desktop applications recently. In fact, I recently gave a talk at devconf.cz about it. However, up until now I've mainly been focusing on the bundling and deployment aspects of the problem. I've been running applications in their own environment, but having pretty open access to the system.
Now that the basics are working it's time to start looking at how to create a real sandbox. This is going to require a lot of changes to the Linux stack. For instance, we have to use Wayland instead of X11, because X11 is impossible to secure. We also need to use kdbus to allow desktop integration that is properly filtered at the kernel level.
- The oldest x86 processor still supported by a modern Linux kernel? - 2018-01-08
- Interactive X Linux desktop rendered to TTY and streamed over SSH - 2018-01-05
- How to set up a Pixelbook for programming - 2017-11-16
- RISC-V port merged to Linux - 2017-11-16
- More related articles