[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / s / t / u / v / vg / vm / vmg / vr / vrpg / vst / w / wg] [i / ic] [r9k / s4s / vip] [cm / hm / lgbt / y] [3 / aco / adv / an / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / pw / qst / sci / soc / sp / tg / toy / trv / tv / vp / vt / wsg / wsr / x / xs] [Settings] [Search] [Mobile] [Home]
Board
Settings Mobile Home
/g/ - Technology
Return Catalog Bottom Refresh
Thread archived.
You cannot reply anymore.
[Advertise on 4chan]
[Return] [Catalog] [Bottom]
Anonymous Archived
AppImage security No.109006535
File: nradiowave.jpg (160 KB, 1070x1280)
160 KB JPG
AppImage security  No.109006535 Archived
I love AppImage but one thing I have to admit is that properly integrating it with a desktop environment will be a security nightmare.
The neat thing about AppImages is that they have embedded metadata for things like the app's icon and launchers. Except, (the only way I know) to get this data is by running 
software.AppImage --appimage-extract
- easy malware target. Even worse if you want to add a feature to show the AppImage icon as a thumbnail in a file browser, making it 0-click.
There should be a way to at least extract the metadata without executing anything in the binary itself.

pic not related
>>
Anonymous
 No.109006875
 No.109006875
>>109006535
AppImage, FlatPak, Snap, etc. are all solutions in search of problems.
>>
Anonymous
 No.109006890
 No.109006890
>>109006535
Is this woman meant for fucking
>>
Anonymous
 No.109006929
 No.109006929
AppImages depend on the suid-root, deprecated, unmaintained fuse2 interface. That is enough reason not to use it.
>>
Anonymous
 No.109007071
 No.109007071
>>109006535
Nigger just extract the metadata by hand and run the appimage through firejail.
>>
Anonymous
 No.109007421
 No.109007421
>>109006890
yes
>>
Anonymous
 No.109008412
 No.109008412
>>109006535
i wish they could just make robots look like that instead of bothering with making them look like humans
>>
Anonymous
 No.109011861
 No.109011861
https://github.com/kem-a/appimage-thumbnailer
this one seems to properly extract the squashfs instead of executing the program.
[Return] [Catalog] [Top]
Post a Reply
Return Catalog Top Refresh
[Advertise on 4chan]
Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.