Plash version 1.18

Package system

The major new feature in this release is the packaging system, for running programs from Debian packages in sandboxes. This is able to run a number of programs such as Firefox and Evince. See PackageTools.

This first version of the package system has some shortcomings:

This is something of a stopgap release in terms of the package system. A priority for the next version is to add a persistence system. This will provide a way of granting authority across sessions, and it will provide a way to configure the package system including specifying GPG keys.

Wiki

This is the first release to be documented through the wiki. Bugs are tracked on the wiki, new features tracked through story pages, and the RoadMap page sketches out plans for future changes. The older pages outside the wiki will be removed soon.

Security fix

This release addresses a major security issue: granting access to the terminal (see PlashIssues/TtyVulnerability). pola-run now proxies access to the terminal. This has been implemented in Python, and as a consequence the package has switched to installing the Python implementation of pola-run instead of the C implementation. pola-shell has been dropped from the .deb for this release. The plan is to add it back when it is rewritten in Python.

Minor new feature: --tmp

The options --tmp/--tmpdir have been added to pola-run, partly to address PlashIssues/HardLinkVulnerability. See Story8.

Testing

The test suite is much expanded, with new unit tests being written in Python. Previously tests were written in Perl and closer to functional/integration tests in scope. See TestingPlash.

Bugs

Issues fixed:

In particular one issue still remains:

PlashRelease1.18 (last edited 2007-06-10 11:22:16 by MarkSeaborn)