linuxmemes

20761 readers

1859 users here now

I use Arch btw

Sister communities:

LemmyMemes: Memes
LemmyShitpost: Anything and everything goes.
RISA: Star Trek memes and shitposts

Community rules

Follow the site-wide rules and code of conduct
Be civil
Post Linux-related content
No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago

MODERATORS

poopsmith@lemmy.world

zephyr@lemmy.world

832

Remember kids: Canonical is not your friend. (i.imgur.com)

submitted 11 months ago by RacoonVegetable@reddthat.com to c/linuxmemes@lemmy.world

150 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] jj4211@lemmy.world 6 points 11 months ago

The idea is that the application may want libraries asynchronously of the distribution cadence. Worse, multiple applications may have different cadence and you want to use both (some app breaks with gnome 45 and so it needs gnome 44, and another app requires gnome 46).

Or some pick forks of projects that neglected to change the shared object name or version, so you have two multimedia applications depending on the same exact library name and version, but expecting totally different symbols, or different 'configure' options to have been specified when they built the shared library.

So we have this nifty mount namespace to make believe the 'filesystem' is whatever a specific application needs, and for that to be scoped to just one.

There's also an argument about security isolation, but I find that one to be unfulfilled as the applications basically are on the honor system with regards to how much access it requests of the system compared to a 'normal' application. So an application can opt into some protection so it can't accidentally be abused, but if the application wants to deliberately misbehave it's perfectly allowed to do so.