[ANNOUNCE] xdg-app - desktop app sandboxing system

[Thomas Kluyver]

Hi Alex,

On Wed, Jun 24, 2015, at 01:15 AM, Alexander Larsson wrote:
> More details on how xdg-app works can be found here:
>  https://wiki.gnome.org/Projects/SandboxedApps

Thanks, this looks interesting. A couple of questions:

How specific is a 'runtime'? If I've written an application based on
Python and Qt, for instance, do I need to define a Python+Qt runtime
based on the versions I need? Or would I use the freedesktop runtime and
specify in some other way that the application requires Python and Qt?
Or use the freedesktop runtime and bundle anything missing from it into
my application?

The wiki page mentioned distribution of apps, and I see links to
'OSTree', but I'm not quite clear what it means. What would it look like
for an application developer to package and distribute an application
like this, and what is going on when the user installs it?

On that last bit, specific examples of what I'm not sure about:
- Is it still conveyed inside an rpm/deb/whatever package, or will user
systems use OSTree to fetch it?
- Would an application developer host their own packages, or is it still
a centralised model like distro packaging? If it's centralised but
cross-distribution, who would run the repository?
- When the user installs an application, would it be like current app
installation on smartphones? "FooApp needs these permissions, OK to
install it?" Or could they deny individual capabilties? Or are the
capabilities checked by a centralised gatekeeper before the app is
available? Or some other model?

Best wishes,
Thomas