Hi,
On Fri, 2015-09-11 at 18:25 +0300, Elad Alfassa wrote:
People would prefer to develop against a stable runtime that will
work
anywhere because it's less work than developing for moving targets of
many
distributions which change too often. The sandbox would be a "side
effect"
from them, and it will protect the users from misbehaving apps and
some
security flaws.
But this only applies to non-malicious apps. You're right that if xdg
-app makes distributing software easier to a greater degree than the
sandbox makes it harder, it will be used by non-malicious developers,
which will definitely improve our security overall. Which is a big
benefit, so I was wrong and the sandbox is worth it, regardless of
whether it protects against malicious apps or not. (But it still does
zero good against malicious third-party apps.)
Michael