Enviado desde mi iPhone > El 19 jul 2017, a las 0:55, Patrick Griffis <tingping@xxxxxxxxxxx> escribió: > > Correct me if I am wrong but Snap has other limitations too such as no sandboxing on Fedora, no ability to add multiple remote repositories, limited desktop integration compared to Flatpaks Portals. It is true we cannot rely on apparmor and SElinux support is only a possibility that nobody is hacking on at the moment. On Fedora we still have the same seccomp snadboxing and a few related mechanisms, such as udev tagging of devices, device cgroup and a dbus xml configs. Apparmor may soon be stackable under SElinux (and vice versa I hear) so we may get the same confinement as on pure apparmor distributions. Ideally someone would step up and work on full blown SElinux support but that is a large task that nobody has attempted yet. Multiple repositories are a design decision that shifts the complexity and decisions away from the edge. A device points to one repository that in turn may aggregate and filter any number of repositories. This is already used in the field by various snap-based products. As for desktop support I think we are only off on theming but that is benign pursued. Snaps are not opinionated on existing software like flatpaks are. You can put gcc or apache into a snap and it will work fine. It won't needs to use portals. You can also put gnome apps in a snap and they can choose to use portals or can work the old way, without any trusted helpers that mediate access and act as file pickers. I believe Ubuntu desktop developers are working on integrating portals with snappy interfaces (so that they can be used by apps that understand them). If tomorrow there is another portal or another portal like thing that is all he same for snapd. It is just another interface. Let me know if you have any questions. I'm eager to spread the knowledge and help everyone understand how snaps work. Best regards ZK > _______________________________________________ > devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
