Request For Candidates: Application Review Board

Scott Kitterman ubuntu at
Thu Aug 26 13:58:59 BST 2010

On Thursday, August 26, 2010 08:14:51 am Paul Sladen wrote:
> The _*/problem/*_ here is how to get packages from $own_ppa into Ubuntu
> with a level ease equivalent to the {iPhone,Android,Palm,Ovi} stores.

This will take more than not running as root.  It will require a more complete 
sandbox (probably some kind of VM I would guess) to constrain the application 
to not have more access to the system/user data than they have disclosed.

I think that not using maintainer scripts, installing to /opt, running as the 
user are good steps to support the traditional *nix security paradigm of 
protecting the systems/root, but for this to lead to a truly lightweight 
system, we will need to kick it up a level and also protect user level data 
from such applications unless they are authorized to have access to it.

Scott K

More information about the ubuntu-devel mailing list