Fwd: [ANNOUNCE] xdg-app - desktop app sandboxing system

Kevin Krammer krammer at kde.org
Wed Jun 24 09:39:38 BST 2015 

----------  Forwarded message  ----------

Subject: [ANNOUNCE] xdg-app - desktop app sandboxing system
Date: Mittwoch, 2015-06-24, 10:15:11
From: Alexander Larsson <alexl at redhat.com>
An: gnome-announce-list at gnome.org, gnome-os-list at gnome.org, 
containers at lists.linux-foundation.org, xdg <xdg at lists.freedesktop.org>

xdg-app is a desktop and distribution-independent application bundling
and system for Linux. It uses user namespaces and the kernel container
technologies to run applications in a sandboxed environment without any
kind of root privileges or setuid required[1]. It also features a user
-space dbus filter with policies that are compatible with kdbus.

xdg-app is still somewhat early in development, but it is now in a
state where it is stable enough to get a wider audience.

More details on how xdg-app works can be found here:
 https://wiki.gnome.org/Projects/SandboxedApps

xdg-app recently moved to a new hosting service at freedesktop.org, so
these are the current resources for xdg-app:

  Mailing list: http://lists.freedesktop.org/mailman/listinfo/xdg-app
  IRC: #xdg-app on freenode
  Git: git://anongit.freedesktop.org/xdg-app/xdg-app
  Releases: http://www.freedesktop.org/software/xdg-app/releases/
  Bugzilla: https://bugs.freedesktop.org/ (product xdg-app)

To actually test xdg-app I have created upstream gnome and freedesktop 
runtimes with some test apps, as well as an example repository with
runtime and apps based on fedora rawhide packages. See these blog posts
for details:
 https://blogs.gnome.org/alexl/2015/03/31/official-gnome-sdk-runtime-builds-are-out/
 https://blogs.gnome.org/alexl/2015/06/17/testing-rawhide-apps-using-xdg-app/

[1] Needs user namespaces in the kernel, if not available it can be
built to use setuid or setcaps instead.


-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Alexander Larsson                                            Red Hat, Inc 
       alexl at redhat.com            alexander.larsson at gmail.com 
He's an impetuous playboy rock star with a robot buddy named Sparky. 
She's a disco-crazy impetuous schoolgirl with her own daytime radio talk 
show. They fight crime! 

_______________________________________________
xdg mailing list
xdg at lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/xdg

-------------------------------------------------------------
-- 
Kevin Krammer, KDE developer, xdg-utils developer
KDE user support, developer mentoring
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 173 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20150624/2989d971/attachment.sig>

More information about the kde-core-devel mailing list