On Thu, Dec 04, 2014 at 05:10:32AM -0500, Daniel J Walsh wrote: > As I found when I wrote the SELinux Sandbox. The Linux Desktop is a > "cess pool" of communication and attempting to sandbox apps will have > unexpected consequences. But we don't have to start with the muck at the bottom. :) We can containerize the things that are easy and decompose the things which aren't as easy and ship, still ship them as modular components, and either just run them or build up whatever light sandboxing makes sense, and then move things to be more _actually_ containerized as possible. -- Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> Fedora Project Leader -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
