Web start sandboxing and security
Andy Lutomirski
luto at amacapital.net
Mon Dec 2 13:04:13 PST 2013
On Sun, Dec 1, 2013 at 11:39 PM, Jiri Vanek <jvanek at redhat.com> wrote:
> On 12/01/2013 02:24 AM, Fernando Cassia wrote:
>
>>
>> On Fri, Oct 18, 2013 at 3:14 PM, Andy Lutomirski <luto at amacapital.net> wrote:
>>
>> Even if the app is signed, there should still be a way to run it in
>> the sandbox. I've yet to encounter a JNLP app in the wild that has
>> any legitimate reason to do anything other than access the internet,
>> create some temporary files, and occasionally use the file picker.
>> Let me run it in the sandbox, please.
>>
>>
>
> This is an interesting idea, to have the "Application is signed, trust/don't trust"
> dialog extended to "Application is signed, trust/don't trust/run in sandbox"
>
> I'm not sure how hard or even safe it will be to implement it, but there can be
> another solution. Andrew Azores is working on policy.tool, which should do
> exactly what you want.
> Although application X is requesting permissions A B C, you specify in
> policy file that it can use only eg B. So when app. X will request A and C
> it will get permission denied.
> Is it what you want?
> Maybe when this will be safely in and tested, we can add the "run in
> sandbox" button, which will just create tmp policy for application.
That would be great.
>
> However this development is tricky work, and although we are trying to get
> it into next (1.5) release, we are not sure if we will make it.
>
In the meantime, I'd still consider a change to the text in the UI to
be a considerable improvement.
--Andy