Request For Candidates: Application Review Board
Scott Kitterman
ubuntu at kitterman.com
Thu Aug 26 13:58:59 BST 2010
On Thursday, August 26, 2010 08:14:51 am Paul Sladen wrote:
> The _*/problem/*_ here is how to get packages from $own_ppa into Ubuntu
> with a level ease equivalent to the {iPhone,Android,Palm,Ovi} stores.
This will take more than not running as root. It will require a more complete
sandbox (probably some kind of VM I would guess) to constrain the application
to not have more access to the system/user data than they have disclosed.
I think that not using maintainer scripts, installing to /opt, running as the
user are good steps to support the traditional *nix security paradigm of
protecting the systems/root, but for this to lead to a truly lightweight
system, we will need to kick it up a level and also protect user level data
from such applications unless they are authorized to have access to it.
Scott K
More information about the ubuntu-devel
mailing list