On Mon, Jan 19, 2015, at 04:37 AM, Alexander Larsson wrote:
> I disagree, for several reasons. First of all the end goal is fully
> sandboxed applications. In this case leaking anything at all from the
> host os is bad, but leaking /etc/passwd, etc is pretty damn bad.

Leaking /etc/shadow would be bad, /etc/passwd...eh.

> Secondly, the other goal is to ensure one app+runtime works on *any*
> system.

"works" will depend on one's PoV; for some organizations, this TLS certificate issue will be quite important.

And even if there was just one distribution layout (e.g. /etc/pki was standard), one still has to account for version skew over time.

Say that an app wants to look for some new system configuration - for example,
http://fedoraproject.org/wiki/Changes/CryptoPolicy

It'd be possible for the app runtime's openssl/gnutls to have this change, but the target system not. That's a case where the shared libraries inside runtimes would need to be prepared to handle arbitrarily old content in /etc, or alternatively, some sort of versioned ABI, so xdg-app would error out if the app's runtime required too new of a host.
