Batis - XDG-based packaging for Linux desktop apps

Michal Suchanek hramrach at gmail.com
Sat Nov 21 14:34:47 PST 2015


On 20 November 2015 at 22:01, Jasper St. Pierre <jstpierre at mecheye.net> wrote:
> Currently, the security model of Linux systems is "distro verifies
> security and adds to their own repo", with, of course, the step of
> "user trusts distro".
>
> The security model of Batis seems to be "user trusts application developer".
>
> The security model of xdg-app is "user trusts the sandbox mechanism".

One thing is to trust the sandboxing and another is to trust the
application to work in a sandbox reasonably well.

If I install AbiWord in a sandbox I cannot edit my Word files,
obviously. I have to give it access to my Word files to be of any use.
Which in the present day is only accomplished by installing it on my
desktop machine directly.

This can be solved to some extent by a modification to the GTK library
so that calling the function that normally pops up the file open dialog
actually calls into the sandboxing framework to import a file into the
sandbox. And depending on the policy the file would be trashed after
the application terminates, or copied as a new version, or updated
in-place.

This won't work with LibreOffice or Firefox, unfortunately. They use
their own file open dialog and not the stock one.

Thanks

Michal

