General sandbox specs?
Lars Hallberg
spam at micropp.se
Fri Mar 12 19:56:04 EET 2004
Thomas Leonard wrote:
>On Fri, Mar 12, 2004 at 02:48:58PM +0100, Lars Hallberg wrote:
>
>
>>This is something I been wondering about sens the birth usermode linux.
>>
>>Would it be possable to build a sandbox, wher it is safe to download and
>>run untrusted binarys?
>>
>>
>
>User Mode Linux would be a good place to start. You'll get problems as
>soon as you try to share your display with untrusted applications, though,
>so you'd basically need to run them in a sub-desktop with Xnest or
>something like that:
>
>
Hmm... this is a bit of a showstoper for the intended pupose, as You
can't have any HW acceleration in an xnest window (?)
DirectFB might be an option, as You then can get Your own fullscreen on
Your own wc as I understand. But then You have to exit X (to my
understanding, X and DirectFB cant run at once) to run accelerated in
fullscreen :-(
But the sandboxed app cold be offered the choice betwen xnest and
fullscren DirectFB. So only apps that needed accaleration (probably
games) needed to conflikt with X.
Whats the problems/tradeoff with an X-driver based on DirectFB? So You
could have X on consol 7 and an fullscreen sandboxed game on consoll 8.
If switching consol would pause the game that would be pretty cool!
And, hehe, what need to be done to X to allowe untrusted apps (apps that
can't compromise or spy on other apps on the desktop)? Possably force
some special window decoration on thes apps windows to prevent UI spoofing?
/LaH
More information about the xdg
mailing list