On Mon, Jul 17, 2017 at 12:03:13PM +0200, Michael Stahl wrote: > On 16.07.2017 12:54, Richard W.M. Jones wrote: > > On Fri, Jul 14, 2017 at 04:59:37PM +0000, Debarshi Ray wrote: > >> On Fri, Jul 14, 2017 at 09:44:18AM +0100, Richard W.M. Jones wrote: > >>> > >>> If RPMs of the graphical application work fine now, what on earth is > >>> the point of forcing packagers to make Flatpaks? Sandboxing isn't one > >>> of them - as already explained, sandboxing is orthogonal to packaging. > >> > >> Huh? How would you get sandboxing without Flatpaks? Unless you are > >> proposing a different sandboxing technology. > > > > Things like libvirt-sandbox have been around for a really long time > > and don't require special packaging (in fact they work with any > > arbitrary command). > > reading between the lines of the fine documentation, there is no mention > of X11 or GUI applications, so i guess "arbitrary" is a bit of an > exaggeration? It seems like it's not mentioned in the docs, but it does work as in this example of running evince to view a suspect PDF file: https://honk.sigxcpu.org/con/More_sandboxing.html BTW libvirt sandbox allows either full-virt or container sandboxing. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://people.redhat.com/~rjones/virt-df/ _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
