Proposing a New App Developer Upload Process

Loïc Minier loic.minier at ubuntu.com
Fri Sep 7 13:48:53 UTC 2012


On Fri, Sep 07, 2012, Matthew Paul Thomas wrote:
> What kind of sandboxing, specifically, do you think would be necessary
> for hundreds of thousands of Ubuntu applications not to interfere with
> each other? It seems to me there are four possible points of contention:
> 1.  package names (versus the OS archive, and versus each other)
> 2.  installed files
> 3.  saved documents and settings
> 4.  resource use (memory, CPU, network, peripherals) while running.

Sandboxing might also involve enforcing the app / system interface; e.g.
not exposing any shared library other than the ones an application can rely
on being "always there" for a particular version of the interface.

e.g. can an application rely on libgtk-x11-2.0.so.0 to be there or
should it bundle it?  If we encourage apps to be self-contained, we are
lowering the overall security experience of the system by expecting all
application developers to update a lot of embedded libraries; if we make
them rely on system libraries, we're stuck with deps on them "forever".


Another constraint for sandboxing is integration between apps and
integration of apps with the system.  There are various levels at which
we expect apps will integrate with the system such as a notification area
icon, a background service, gadgets, but integration between apps is
also important and isn't very developed in Android / iOS.  Sure, there
are some "Share" buttons or "Open with" intents in iOS and Android and
even Nautilus has a "Send to...", but I feel this is a very limited
level of integration.  Will we allow detecting the presence of another
app?  How do I embed this or that image viewer or music player into this
or that cloud file sharing app?
  Also, we want application sandboxing but are we going to allow
replacing system services in apps?  Would we allow an app to act as an
interactive desktop background?  Are sandboxed apps always fullscreen
like on Android and iOS, or may they have resizeable windows?


[ 2/ (installed files) above seems like a non-problem if we have unique
app names though ]

-- 
Loïc Minier


