User: Password:
|
|
Subscribe / Log in / New account

App confinement for Ubuntu mobile devices

App confinement for Ubuntu mobile devices

Posted Apr 25, 2013 5:12 UTC (Thu) by pabs (subscriber, #43278)
Parent article: App confinement for Ubuntu mobile devices

Users run plenty of non-free software on Linux (Skype, Flash, Windows apps via Wine, games etc) but generally don't bother to restrict them. Maybe it is time that desktops like GNOME and KDE started doing that.


(Log in to post comments)

App confinement for Ubuntu mobile devices

Posted Apr 25, 2013 8:56 UTC (Thu) by ovitters (subscriber, #27950) [Link]

GNOME has started working on that a while ago, see various LWN articles. It won't be a GNOME-only thing AFAIC. Such things obviously take time.

App confinement for Ubuntu mobile devices

Posted Apr 25, 2013 9:32 UTC (Thu) by khim (subscriber, #9252) [Link]

It's not just non-free applications. Even free applications can be buggy. Unix permissions and the whole security model was invented for the world where large iron machines server tens or may be hundreds of users and you need to protect users from other users. In today's desktop world this deteriorates to this XKCD strip. Practically speaking today Linux desktop "security" is much closer to MS DOS security model then to any other security model.

I know these things take time but this is getting ridiculous: change in security happened twenty years ago when Internet become ubiquitous yet Linux security model is still centered around "one standalone large machine with hundreds of terminals" which is barely ever used anymore.

App confinement for Ubuntu mobile devices

Posted Apr 26, 2013 11:37 UTC (Fri) by sorpigal (subscriber, #36106) [Link]

A much better model would be per-process users (or rather per-application) which, hello, looks a lot like Android. To make this practical I would want to combine it with some kind of (de)centralized authorization system such that I don't have to have a different password for each application for each device. It takes a rather hefty amount of infrastructure to set this up and not be locked out of all of your stuff when the network goes down.

App confinement for Ubuntu mobile devices

Posted Apr 26, 2013 16:08 UTC (Fri) by dlang (subscriber, #313) [Link]

note that now that android is trying to support multiple users, they are having some fun with their use of users for apps

App confinement for Ubuntu mobile devices

Posted Apr 26, 2013 19:12 UTC (Fri) by dtlin (✭ supporter ✭, #36537) [Link]

Each user gets a different UID space so every (user × app signature) gets a different UID. I'm not sure what you mean by "fun", this part seems pretty straightforward.

Having mostly-separate data and settings (with a few globals shared between users) is the interesting part, but that's probably equal amounts of fun with either 2 or M+N UIDs.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds