Sandboxing GUI applications
My Linux beginnings dates back to around 2002, still on high school, I needed remotely manageable irc bot. Since then I gradually switched completely to openSUSE with some Windows based gaming exceptions. Years later and I am working as a software engineer at SUSE on openQA project where I try to help openSUSE and SUSE to have the best automated testing available.
No video of the event yet, sorry! Meanwhile...
There are plenty of resources how to do sandboxing or isolation of 'server applications'. But what if I want to isolate my browser or I do not trust 3rd party closed source GUI based applications I still need to use?
Until our lord and saviour Wayland is ready and can join holy trinity of Wayland - libinput - cgroups, we still need to overcome basic problem of how to get the damned X display into the container and don't compromise on security.
In this short talk I will present my (X based) solution, provide some overview of other methods currently available, and bright future of the xdg-app.
- 2016 June 24 12:30
- 30 min
- Roter Salon
- openSUSE Conference 2016
- Technology & Development