From 7518b25a6d6c0350574078b4950e995560c30624 Mon Sep 17 00:00:00 2001 From: fedir Date: Tue, 15 Apr 2025 19:36:42 +0200 Subject: [PATCH] Fixed typos --- motivation.tex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/motivation.tex b/motivation.tex index 7fbc7b2..befb9dc 100644 --- a/motivation.tex +++ b/motivation.tex @@ -23,7 +23,7 @@ Another problem of these solutions, is that their policies are granted forever a \section{Containerisation} -Another solution to consider, is using containerised software distribution, like Flatpak\cite{FLATPAK}, Snapcraft\cite{SNAP} or AppImage\cite{APPIMAGE}. Those types of package distribution systems either use Linux feature called \emph{namespaces} or leverage MAC mechanisms to isolate software from the rest of the system. Aside from solving common dependency management problems, this approach also allows some capabilities of the distributed software to be restricted, like access to camera, hardware devices, but, most importantly, file system objects. +Another solution to consider, is using containerised software distribution, like Flatpak \cite{FLATPAK}, Snapcraft \cite{SNAP} or AppImage \cite{APPIMAGE}. Those types of package distribution systems either use Linux feature called \emph{namespaces} or leverage MAC mechanisms to isolate software from the rest of the system. Aside from solving common dependency management problems, this approach also allows some capabilities of the distributed software to be restricted, like access to camera, hardware devices, but, most importantly, file system objects. However, because the developer of the distributed software is responsible for defining the permissions that his own program needs, it often leads to programs having excessive privileges after installation\footnote{It is important to mention, that although this flaw remains unmitigated, the analysis made by Dunlap et al. 2022 \cite{DunlapMAC} shows that most package maintainers actively attempt to define least-privilege application policies.} without any notification of the user.