Install .deb files automatically in a sandbox environment
Instead of disabling installation of .deb packages and relying only on the repository, as in the proposed way of dealing with external packages, we could run them in a sandbox environment, much like the feature used by many Windows firewalls. The intended implementation would be that when a .deb package is installed, it is installed in a sandbox environment (Glimpse?), and on each startup the user is shown a dialog stating "This application is unknown to Elementary OS so it's being run in a secure mode. Do you trust this application and want to add it to your trusted applications list or leave it in secure mode?" with the option to not be asked again. If the user chooses to trust the application, it will be moved into its regular installation directories. Otherwise it keeps running in Glimpse until the user uninstalls it. This would remove the issue of inexperienced users installing unwanted applications but still let danger-aware users make conscious choices.
Blueprint information
- Status: Not started
- Approver: None
- Priority: Not
- Drafter: None
- Direction: Needs approval
- Assignee: None
- Definition: New
- Series goal: None
- Implementation: Unknown
- Milestone target: None
- Started by
- Completed by
Whiteboard
The backend you seek is Arkose, not Glimpse. I'm a Glimpse developer, so... ;)
I was going to reject this at first, but after more reading and more thinking I realised it might be a good idea.
--shnatsel
I'm not a developer so this isn't something I can integrate but I thought that this might be a good contribution to a good OS :) Is it something you are considering?
-- Niklas
A sandboxed app can still spy on the user, so it's not much use I'm afraid. Also, attackers can attempt to detect sandboxed mode and tell the user the app won't function properly while sandboxed, so I'm afraid it's no use for mere mortals. Marking not a priority because of that. --shnatsel