Batis - XDG-based packaging for Linux desktop apps

Michal Suchanek hramrach at
Sat Nov 21 14:34:47 PST 2015

On 20 November 2015 at 22:01, Jasper St. Pierre <jstpierre at> wrote:
> Currently, the security model of Linux systems is "distro verifies
> security and adds to their own repo", with, of course, the step of
> "user trusts distro".
> The security model of Batis seems to be "user trusts application developer"
> The security model of xdg-app is "user trusts the sandbox mechanism".

One thing is to trust the sandboxing and another is to trust the
application to work in a sandbox reasonably well.

If I install abiword in a sandbox I cannot edit my word files,
obviously. I have to give it access to my word files to be of any use.
Which in present day is only accomplished by installing it on my
desktop machine directly.

This can be solved to some extent by modification to the GTK library
so that calling the function that normally pops up file open dialog
actually calls into the sandboxing framework to import a file into the
sandbox. And depending on the policy the file would be trashed after
the application terminates, or copied as new version, or updated

This won't work with libreoffice or firefox, unfortunately. They use
their own file open dialog and not the stock one.



More information about the xdg mailing list