[Linux-aus] LCA Lecture about sandboxing desktop apps
Andrew Reimers
andrewreds at gmail.com
Tue Jun 20 00:25:17 AEST 2023
Have you looked into QubesOS? (https://www.qubes-os.org/)
It uses VMs to isolate different desktop applications. And has a security
model that doesn't outright suck.
We did a couple of LCA talks on what it is and why people should use it.
I guess it's biggest disadvantages are:
- It can be a bit of a memory hog. (Especially if you start launching 4x
copies of firefox in different networking contexts)
- Applications can't access the GPU, and must be fully software rendered
I've used it as my OS for the last ~ 5-7 years. Feel free to reach out if
you have any questions.
Thanks,
Andrew
On Mon, 19 Jun 2023 at 23:44, Russell Coker via linux-aus <
linux-aus at lists.linux.org.au> wrote:
> I recall that there was a lecture at an LCA some years ago about
> sandboxing
> many (most?) desktop apps. I don't recall if it was using Flatpak, Snap,
> Docker, or something else. I think that the aim was for version control
> which
> didn't interest me but I am now interested in such things for security.
> Google searches haven't turned up anything on it. Youtube searches have
> turned up a dozen interesting talks about various container issues but
> only
> from the last ~4 years and I recall there was a good one earlier than that.
>
> Anyone remember anything like that?
>
> --
> My Main Blog http://etbe.coker.com.au/
> My Documents Blog http://doc.coker.com.au/
>
>
>
> _______________________________________________
> linux-aus mailing list
> linux-aus at lists.linux.org.au
> http://lists.linux.org.au/mailman/listinfo/linux-aus
>
> To unsubscribe from this list, send a blank email to
> linux-aus-unsubscribe at lists.linux.org.au
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linux.org.au/pipermail/linux-aus/attachments/20230620/ce65cb94/attachment-0001.html>
More information about the linux-aus
mailing list