|First fully sandboxed Linux desktop application|
|By Thom Holwerda on 2015-02-17 21:37:27|
It's not a secret that I've been working on sandboxed desktop applications recently. In fact, I recently gave a talk at devconf.cz about it. However, up until now I've mainly been focusing on the bundling and deployment aspects of the problem. I've been running applications in their own environment, but having pretty open access to the system.
Now that the basics are working it's time to start looking at how to create a real sandbox. This is going to require a lot of changes to the Linux stack. For instance, we have to use Wayland instead of X11, because X11 is impossible to secure. We also need to use kdbus to allow desktop integration that is properly filtered at the kernel level.
- RISC-V port merged to Linux - 2017-11-16
- The rise and fall of LiMux - 2017-11-10
- 100 days of postmarketOS - 2017-09-03
- Build your own Linux - 2017-08-16
- More related articles