[blfs-support] Knowing when to ditch an old (desktop) system

William Tracy afishionado at gmail.com
Tue Dec 30 16:02:13 PST 2014


On Dec 30, 2014 12:16 PM, "Michael Shell" <list1 at michaelshell.org> wrote:
> Something like system-wide enforced application individualized sandboxing
> is what I have in mind - each application should have an associated set
> of permissions (installed as a text file in something like
> /etc/perms/theapp) that sets limits on just what it is allowed to do -
> that are passed on to any other applications that may be started by it.
> And perhaps the rules could be defined in ways such that only half a dozen
> or so predefined rule sets are needed for 99%+ of the applications so as
> to make administration easy.

I don't want to take things too far off topic, but this is something I've
thought about a bit.

First, Android has successfully implemented something a lot like what
you've described. Internally, different apps run as different Linux users
with different permissions.

Second, I have been kicking around an idea for a Linux distribution built
around this very idea. (Unfortunately, I have too many existing projects to
actually try it.)

Basically, every package would have a set of SELinux rules. There would be
a set of default rules described by the package, and a UI that lets the
admin review and possibly modify those rules, again at a per-package level.

I actually wanted to take the concept a step further, and make it possible
to install and use packages even if you don't trust the package author.
(Again, Android already does this.)  For most existing package management
systems, this is a non-starter because all the install scripts run as root.
However, I think that the Nix package manager could be extended to support
this. All Nix install/uninstall scripts are written in a DSL that describes
a set of transformations to the system. I believe that the interpreter
could be extended to support this sort of thing, either by adding some
sandboxing functionality, or by analyzing the script up front and providing
the admin a list of changes that will be performed.

Again, I have no time and energy to undertake this myself, but if anyone
else wants to take the initiative, I might pitch in here and there.

William Tracy
Sent from mobile, may contain typos.
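As an added illustration (not code from this thread, and not Nix's actual DSL) of the two ideas above, a per-package permission file like /etc/perms/theapp and an interpreter that analyzes a declarative install script up front and hands the admin a list of changes, here is a small Python sketch. The manifest shape, the verbs, the prefix rules and the sample script are all constructed assumptions.

```python
# Added example, not code from the thread or from Nix: a toy "analyze before
# apply" pass over a declarative install script, checked against a per-package
# permission file. Manifest format, verbs and file layout are all assumptions.
import posixpath
from dataclasses import dataclass

@dataclass(frozen=True)
class Op:
    kind: str   # install-time verb: "write", "symlink", "chmod"
    path: str
    detail: str = ""

# Constructed per-package permission set, as /etc/perms/theapp might hold it.
# Each line is "<verb> <path-prefix>"; anything not listed is denied.
PERMS_TEXT = """\
write /opt/theapp/
write /var/lib/theapp/
symlink /usr/local/bin/
"""

def parse_perms(text: str) -> dict[str, list[str]]:
    allowed: dict[str, list[str]] = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            verb, prefix = line.split(maxsplit=1)
            allowed.setdefault(verb, []).append(prefix)
    return allowed

def is_allowed(op: Op, allowed: dict[str, list[str]]) -> bool:
    # Normalize first so "/opt/theapp/../../etc/x" cannot pass a prefix test;
    # a verb with no granted prefixes (chmod here) is denied outright.
    path = posixpath.normpath(op.path)
    return any(path.startswith(p) for p in allowed.get(op.kind, []))

def analyze(ops: list[Op], perms_text: str) -> list[tuple[str, Op]]:
    """Return the change list an admin would review: ("ok" | "DENIED", op)."""
    allowed = parse_perms(perms_text)
    return [("ok" if is_allowed(op, allowed) else "DENIED", op) for op in ops]

# Constructed install script: the last two steps are the kind of change a
# root-run postinstall script performs silently and this analysis surfaces.
SCRIPT = [
    Op("write", "/opt/theapp/bin/theapp"),
    Op("symlink", "/usr/local/bin/theapp", "-> /opt/theapp/bin/theapp"),
    Op("write", "/etc/cron.d/theapp"),
    Op("chmod", "/opt/theapp/bin/theapp", "u+s"),
]
```

Running `analyze(SCRIPT, PERMS_TEXT)` marks the first two operations ok and the cron drop-in and setuid chmod DENIED, which is the review list the admin would see before anything is applied.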