Mini distribution for Plash
Status: planning
Aim: Provide a mini distribution of packages known to work with Plash, to be installable using Plash's PackageSystem.
This will focus on GUI applications, since this is the area least well served by existing security/virtualization systems such as SELinux and Xen. The mini distribution should include a Web browser (probably Firefox), text editor, e-mail client, PDF viewer, etc.
The mini distro will be based on Debian or Ubuntu. Where possible, it will track the current versions, but it may lag if new upstream versions introduce incompatibilities with Plash.
We will provide all libraries required as dependencies, up to and including libc. The mini distro will not cover the kernel, boot scripts, or system tools. Initially it won't cover the X server or parts of GNOME such as the panel and file browser. The applications will run under Plash inside a system provided by another distribution.
We need to modify various components:
- glibc is already modified
- Gtk: we have an LD_PRELOADed module for the powerbox hook, but that is a hack; we should modify Gtk itself and ultimately put something upstream
- Add powerbox hooks to other widget sets
- Other components may need tweaking to make fewer assumptions about their environment. For example, Plash doesn't support /proc.
An archive of old Debian packages is provided by http://snapshot.debian.net, which should reduce the amount of data we need to host.
