this post was submitted on 09 Apr 2024
311 points (98.7% liked)

Linux

48689 readers
387 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

I thought I'll make this thread for all of you out there who have questions but are afraid to ask them. This is your chance!

I'll try my best to answer any questions here, but I hope others in the community will contribute too!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 12 points 8 months ago* (last edited 8 months ago) (5 children)

On Android, when an app needs something like camera or location or whatever, you have to give it permission. Why isn't there something like this on Linux desktop? Or at least not by default when you install something through package manager.

[–] [email protected] 16 points 8 months ago

Android apps are sandboxed by default while packages on Linux run with the users permission.

There is already something like this with Flatpak since it also sandboxes every installed program and only grants requested permissions.

[–] [email protected] 8 points 8 months ago

Because it requires a very specific framework to be built from the ground up, and FDO doesn't specify these. A lot of breakage would happen if were to shoehorn such changes into Linux suddenly. Android has many layers of security that they're fundamentally different than that of the unix philosophy. That's why Android, even if it's based on Linux, it's not really considered "a distro".

[–] [email protected] 5 points 8 months ago* (last edited 8 months ago) (2 children)

It is technically doable, but that would require a unified method to call when an app needs camera, and that method will show the prompt.

This would technically require developers to rewrite their apps on linux, which is not happening anytime soon.

Fortunately, pipwire and xdg-portal is currently doing this work, like when you screen share on zoom using pipwire, a system prompt will pop up asking you for what app to share. Unlike on Windows, zoom cannot see your active windows when using this method, only the one that you choose to share.

Most application framework, including GTK and electron, are actively supporting pipwire and portal, so the future is bright.

There is a lot of work in improving security and usablity of linux sandbox, and it is already much better than Windows (maybe also better than macos?). I am confident, in 5 years, linux sandbox stack (flatpak, protal, pipewire) will be as secure and usable as on android and ios.

[–] [email protected] 1 points 8 months ago

I'd love to just skip to "Linux being secure and running on my smartphone instead of Android" but we know how much an uphill battle that is hahaha.

[–] [email protected] 1 points 8 months ago (1 children)

It probably would end up being implemented though XDG portals

[–] [email protected] 1 points 8 months ago (1 children)

If I understand correctly pipwire is supposed to be the "portal" but for audio and videos.

But I believe camera portal is already there, using pipwire. All they need to add is a popup to request usage when the app needs it.

[–] [email protected] 2 points 8 months ago (1 children)

XDG portals is the standard interface that applications (should) use to do things on your system. It is most commonly associated with flatpaks and Wayland.

You could have pipewire as the back end but XDG portal implementation usually is controlled by the desktop.

[–] [email protected] 1 points 8 months ago

Thanks for correcting me!

[–] [email protected] 3 points 8 months ago

Sandboxing wasn't considered during development of Linux. But recent development incorporates this practice and can be found for example in flatpaks.

[–] [email protected] 1 points 8 months ago

Flatpaks get permission though XDG-portals. The difference is there are usually no popups