Skip Navigation

User banner
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)I
IverCoder @ IverCoder @lemm.ee
Posts
6
Comments
74
Joined
2 yr. ago

  • PiVPN Releases Final Version and Announces Project Shutdown

    Jump

  • I vaguely remember some money calculating-related project guy who received a PR that heavily optimized and updated the project. Since he was very busy and no longer really wanted to maintain the project, rather than reviewing and merging the commit, he gave the contributor complete access to the repo for them to maintain the project at their own discretion. The project was unpopular back then—when he looked back a few years later, he was surprised to discover that the project had racked up several thousands of stars.

  • Reproducing a Microsoft corporate environment on Linux.

    Jump

  • BlueBuild and deploy your customized image to the devices

  • Land (r)u(le)se

    Jump

  • Cotton

  • NSFW

    [Content Warning: Transphobia] From the very same people who tell us to "boycott Wayland"

    Jump

  • binex-dsk is now shadowbanned on GitHub

  • NSFW

    [Content Warning: Transphobia] From the very same people who tell us to "boycott Wayland"

    Jump

  • Evil Wayland is making their app crash

  • NSFW

    [Content Warning: Transphobia] From the very same people who tell us to "boycott Wayland"

    Jump

  • Sorry for the Windows emojis lol, I'm on a computer shop as I post this on lunch break

  • Where to get Minecraft for Arch Linux from?

    Jump

  • You may have skipped some steps

  • Oh for fuck's sake

    Jump

  • Most storage space viewers get confused by Flatpak's heavily deduplicated and compressed files, leading to them reporting way larger space than what's actually occupied on the hard drive.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • Well, no matter how I trust my photo editing app, it has no business accessing my thesis documents. Proper filesystem sandboxing does security properly.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • The file picker API is there to allow apps to access and save files with the user's consent, while bot having any filesystem access. So a properly sandboxed app would be able to open, edit, and save files wherever the user wants, while not having access to any other irrelevant files, such as your .bashrc or memes folder.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • As I mentioned in my previous comment, they use the portals API to access and save files.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • An app should not be able to access stuff the user did not consent to letting access.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • As well as FOSS too. Sandboxing is a security standard that should be followed by every software how open their code may be.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • This could well be an advanced video editor or an office suite if they take full advantage of the portals API without losing any functionality. Well, they can have the network permission, it would still be safe anyway.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • With a bit of modifying code to use the color picker and maybe rearranging the workflow to adapt to the new system, apps as advanced as DaVinci Resolve and LibreOffice can have permissions as restrictive as this (the network permission would of course may be needed but it would still be marked as Safe by Flathub).

    You can use the file picker API to open the files or folders your app would need to access while having no filesystem permissions at all. You can access the camera, microphone, and GPS without the user devices portal, by simply using the respective portals where the user has the power to allow or deny access to such devices as they wish.

    You can record the screen, take a screenshot, and pick a color in the screen by simply calling the proper portals, with the bonus that the user will be able to select if they want the entire screen, a specific window, or a specific area to be recorded/captured and whether the cursor should be shown or not.

    Heck, even TeamViewer can be as this restricted without losing any functionality if they use the Screen Cast portal which allows apps to mirror input from a remote device! They would of course need the network permission, but that's still safe.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • There's Obfuscate, an image redactor, and Metadata Cleaner which is self-descriptive. Both works properly without any filesystem access at all, because they use the file picker portal to ask the user for the files to be processed.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • The app can then declare the network permission and it will still be marked as safe.

  • If only more Linux programs followed sandboxing best practices...

    Jump

  • It's actually Dippi but I don't want to look like I'm advertising it here

  • Linux @lemmy.ml
    IverCoder @lemm.ee

    If only more Linux programs followed sandboxing best practices...

  • Monster

    Jump

  • This is essential for the year of the Linux desktop to come.

  • Linux @lemmy.ml
    IverCoder @lemm.ee

    Flatpak standing the test of time: modern Flatpak apps running on Ubuntu 16.04 ESM, a 7-year-old distro

  • Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ @lemmy.dbzer0.com
    IverCoder @lemm.ee

    Microsoft Office activation guide modified to use Ohook

    rentry.org /office-guide
  • Linux @lemmy.ml
    IverCoder @lemm.ee

    Nothing's definitely off in here

  • Sync for Lemmy @lemmy.world
    IverCoder @lemm.ee

    Is it just me or did Lemmy suddenly became more active now that Sync for Lemmy is released?