|
|
Subscribe / Log in / New account

OCI is an antiquated format, not fit for modern security requirements

OCI is an antiquated format, not fit for modern security requirements

Posted May 15, 2025 21:48 UTC (Thu) by bluca (subscriber, #118303)
In reply to: OCI is an antiquated format, not fit for modern security requirements by DemiMarie
Parent article: The future of Flatpak

They don't, sandboxing includes file accesses, as the article mentions there's a portal for that, and for good reasons.

In fact desktops are where these are most needed, since for the average user desktop browsers is how malware gets in.

to post comments

OCI is an antiquated format, not fit for modern security requirements

Posted May 17, 2025 0:15 UTC (Sat) by DemiMarie (subscriber, #164188) [Link] (1 responses)

Sandboxing keeps applications from doing stuff they should not do. Someone who can tamper with the sandboxed executables can also tamper with ~/.bashrc and execute arbitrary code outside the sandbox.

OCI is an antiquated format, not fit for modern security requirements

Posted May 17, 2025 11:19 UTC (Sat) by bluca (subscriber, #118303) [Link]

Those are more reasons in favour of strong sandboxing and code integrity, not against them


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds