Batis - XDG-based packaging for Linux desktop apps

Bastien Nocera hadess at
Sat Nov 21 16:16:41 PST 2015

On Sat, 2015-11-21 at 23:34 +0100, Michal Suchanek wrote:
> On 20 November 2015 at 22:01, Jasper St. Pierre <jstpierre at
> t> wrote:
> > Currently, the security model of Linux systems is "distro verifies
> > security and adds to their own repo", with, of course, the step of
> > "user trusts distro".
> > 
> > The security model of Batis seems to be "user trusts application
> > developer"
> > 
> > The security model of xdg-app is "user trusts the sandbox
> > mechanism".
> One thing is to trust the sandboxing and another is to trust the
> application to work in a sandbox reasonably well.
> If I install abiword in a sandbox I cannot edit my word files,
> obviously. I have to give it access to my word files to be of any
> use.
> Which in present day is only accomplished by installing it on my
> desktop machine directly.
> This can be solved to some extent by modification to the GTK library
> so that calling the function that normally pops up file open dialog
> actually calls into the sandboxing framework to import a file into
> the
> sandbox. And depending on the policy the file would be trashed after
> the application terminates, or copied as new version, or updated
> in-place.

This is getting fixed by using "Portals" in xdg-app, and is the reason
why native file choosers are getting implemented in GTK+:

> This won't work with libreoffice or firefox, unfortunately. They use
> their own file open dialog and not the stock one.

Both are getting ported to GTK3, so they could use the above work
without much changes.

More information about the xdg mailing list