XPost: comp.sys.raspberry-pi, alt.os.linux.mageia   
   From: gtaylor@tnetconsulting.net   
      
   On 12/9/23 15:23, Ahem A Rivet's Shot wrote:   
   > 	One way to isolate applications completely would be to run each   
   > application in its own VM with its own X11 display (or Wayland) all   
   > displayed in a real X11 display that does nothing but run VNC viewers to   
   > the VMs. Nothing but a minimal window manager that launches VM sessions   
   > runs in the real X11 display. This does require users to be able to launch   
   > VMs - preferably ones that cannot be accessed by other users, if needs be a   
   > setuid tool could be used I suppose.   
      
   I'm not convinced that VMs and the ability to start them are required.   
      
   I think you could get away with containers that each have their own   
   virtual X11 display server -- Xvnc for the sake of discussion -- would   
   likely suffice.   
      
   You can get quite close running each application as separate users on   
   the same system.  Wherein each application has it's own virtual X11   
   display server (Xvnc).   
      
   But yes VMs will provide more isolation than containers which will   
   provide more isolation than separate users.  It's all a question of   
   finding the balance for what is wanted vs what is needed and what   
   resources are available.   
      
   My personal goal is so that one application; e.g. Firefox, running as a   
   dedicated user doesn't have access to all of my personal files that my   
   are accessed as my primary user.   
      
   Once you start going down the road of separation of the X11 display   
   server from the X11 client applications, options start opening up, e.g.   
   running on different systems, OSs, architectures, etc.   
      
      
      
   Grant. . . .   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)