On Jul 14, 2017, at 11:30 AM, Richard Hughes <hughsient(a)gmail.com> wrote:
> On 14 July 2017 at 19:12, Andrew Lutomirski <luto(a)mit.edu> wrote:
>> As above, it could be the exact same sandbox technology with the same
>> portals and everything. The sandboxed program would just be files in
>> /usr instead of a Flatpak.
> How could that work? The runtime gets mounted in /usr and the app gets
> mounted in /app in a different place.
> https://media.readthedocs.org/pdf/flatpak/latest/flatpak.pdf is a good
> read.
I don't see the problem. The runtime could be all of /usr and the app
could be a symlink living in /app that points at /usr. The latter
could be created on the fly in a tmpfs.
Or the flatpak runtime could learn to accept a special type of
manifest that just says to run /usr/bin/whatever and not worry about
/app.