General sandbox specs?

Lars Hallberg
Fri Mar 12 19:56:04 EET 2004

Thomas Leonard wrote:

>On Fri, Mar 12, 2004 at 02:48:58PM +0100, Lars Hallberg wrote:
>>This is something I've been wondering about since the birth of User Mode Linux.
>>Would it be possible to build a sandbox where it is safe to download and
>>run untrusted binaries?
>User Mode Linux would be a good place to start. You'll get problems as
>soon as you try to share your display with untrusted applications, though,
>so you'd basically need to run them in a sub-desktop with Xnest or
>something like that:
Hmm... this is a bit of a showstopper for the intended purpose, as you
can't have any HW acceleration in an Xnest window (?)

DirectFB might be an option, as you then can get your own fullscreen on
your own wc as I understand. But then you have to exit X (to my
understanding, X and DirectFB can't run at once) to run accelerated in
fullscreen :-(

But the sandboxed app could be offered the choice between Xnest and
fullscreen DirectFB. So only apps that need acceleration (probably
games) would need to conflict with X.

What's the problem/tradeoff with an X driver based on DirectFB? So you
could have X on console 7 and a fullscreen sandboxed game on console 8.
If switching consoles would pause the game, that would be pretty cool!

And, hehe, what needs to be done to X to allow untrusted apps (apps that
can't compromise or spy on other apps on the desktop)? Possibly force
some special window decoration on these apps' windows to prevent UI spoofing?