Gnome implemented sandboxing for thumbnail parsers, but @ubuntu patches that out, because why not? https://bugs.launchpad.net/ubuntu/+source/bubblewrap/+bug/1709164 …
-
-
No what I am saying is we didn't yet have resources to do the thorough review of bubblewrap so that we can satisfy ourselves that we can support it going forwards. This is days of work compared to minutes for a one line patch. So is not the same.
-
bubblewrap is relatively new software doing some complicated things to set up sandboxes - if we just blindly promote it to main and then find out it has a vuln itself which we could have caught through code review beforehand that is not a good outcome for our users.
- 19 more replies
New conversation -
-
-
Upstream requires a dependency for sandboxing which is not currently packaged in Ubuntu main. The "patch" is a one-liner that disables a build flag. I think this bug has been open way too long, but hopefully this explains why it's a problem of limited resources.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I had reasons to leave Ubuntu out when considering for a distro. It turned out to be a complete right decision.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.