Linked by Thom Holwerda on Tue 17th Feb 2015 21:37 UTC

It's not a secret that I've been working on sandboxed desktop applications recently. In fact, I recently gave a talk at about it. However, up until now I've mainly been focusing on the bundling and deployment aspects of the problem. I've been running applications in their own environment, but having pretty open access to the system.

Now that the basics are working it's time to start looking at how to create a real sandbox. This is going to require a lot of changes to the Linux stack. For instance, we have to use Wayland instead of X11, because X11 is impossible to secure. We also need to use kdbus to allow desktop integration that is properly filtered at the kernel level.

Thread beginning with comment 605418
To read all comments associated with this story, please click here.
finally :)
by le_c on Wed 18th Feb 2015 02:00 UTC
Member since:

I really missed that! especially for proprietary apps like skype. Hopefully, it will become usable soon!

Reply Score: 1

RE: finally :)
by kokara4a on Wed 18th Feb 2015 09:34 in reply to "finally :)"
kokara4a Member since:

I really missed that! especially for proprietary apps like skype. Hopefully, it will become usable soon!

For quite some time I was running Skype and Adobe Reader in a 32-bit root jail under a 64-bit Ubuntu (and using schroot to manager the root jails). It is a crude form of sandboxing where the sandbox contains an entire distribution. It was working fine. But then I gave up because of the simplicity of simply installing both via apt-get from the partners repo - that works for the LTS releases at least.

Reply Parent Score: 2

RE: finally :)
by Lennie on Wed 18th Feb 2015 22:37 in reply to "finally :)"
Lennie Member since:

Skype is probably not a great example.

I predict the Skype client will be dead in a couple of years. Because there is already a replacement technology.

Which is WebRTC. Which get's you everything Skype does: webcam-video, -audio, data, files-, screen- and application-sharing in the browser.

And properly peer2peer and encrypted again (which Skype, FaceTime doesn't do anymore !)

Microsoft is one of the companies working on the standards for this technology. Others are: Ericsson, Cisco, Mozilla, Google, to name some of the big players.

Reply Parent Score: 1

RE[2]: finally :)
by hobgoblin on Thu 19th Feb 2015 06:59 in reply to "RE: finally :)"
hobgoblin Member since:

Skype, like WOW, Facebook, and a bunch of other services that touch on the social element, will remain because of social gravity.

Unless you can get the mass of aunt Tillies to wholesale move to WebRTC, Skype will remain the go to service.

Never mind that a big deal with Skype from day one was the interfacing to local POTS networks. It basically eliminated international call charges even if just one side used the service.

Also, MS has already concoted their own take on WebRTC: and is pushing it by a Skype web "beta test".

Reply Parent Score: 4