it gives the permission
No.
The permission is already there.
Think about it:
The kids have no root account. So AppImage cannot magically create permissions out of thin air that were not already there.
You need to learn about how Unix permissions work.
appimage no need root to install sinceâŚit doesnât install and can use a imaged file structure instead with it s own permission.
this is how an app image can run a wine app for example without wine installed on the computer itself.
Itâs also possible to run a Windows app with a portable version of WINE. This has nothing to do with AppImage itself. AppImage can do no more than a tarball, it just happens that AppImages are more standardized and easier to use.
These âproblemsâ also apply to Flatpak, which is increasingly popular among Linux distributions and any other user-based distribution method. If running 3rd party apps is such a concern to the educational establishment, they should disallow any files in the $HOME directory to be ran as executable.
from what i was able to see, a portable version of wine is hard to setup outside of a premade appimage.(especially without administrator rights)
this is where appimage matter since you can just share a portable setup very easily.and run itâŚ
about locking fully the home it is a bad idea to me since some user still need a bit of freedom .
flatpack is asking for administrator right for installations so it is a more secure way than appimage here âŚ
so nothing new than what i already said. appimage is still a problem since you canât lock it down.
Almost all of that is untrue. There are portable versions of WINE that come in tarballs that you can simply extract and use. Plus, I have no clue what the issue with WINE is. When I was in school, we had fully featured Windows 7 machines and almost everyone chose to play games online in-browser instead of natively on the computers, because it was easier. I think I knew one kid who actually carried around a flash drive with games on it, and I carried around a Linux boot drive to dodge the screen-watching program they used
Flatpak allows for home directory installation with administrator privileges, and thatâs the default on most Linux systems.
Plus, even if these issues were legitimate by any stretch of the imagination, the technology already exists. You canât stop AppImage from existing by saying itâll distract kids, any security measure an educational establishment fails to put in place is their issue and has nothing to do with an application distribution format.
ok then what is untrue?.
you should detail instead of saying this as a blockâŚ
browser games are ok .
you seems to be very old since nowdays most school machines use secureboot to avoid this kind of dodgeâŚ
and use win10 instead of 7.
i m not stoping appimage from existing.
i just think it need more system regulation because it is a big system security flaw⌠and this is worrying for a linux system since linux should be more secure than windowsâŚ
The âsystem regulationâ youâre talking about isnât at all realistic to implement into AppImage, all of what youâre talking about is the job of the operating system. Youâre trying to compare a system package manager like apt to something that is literally just an executable. Imagine AppImage as another way to âzipâ files
Also, the internal squashfs image doesnât have âitâs own permissionâ, it inherits the permissions of the user like all apps do, the reason it can run a portable version of WINE is because it contains all the necessary libraries, not because it magically has root permissions packed inside. Every security flaw youâre talking about can also be achieved by distributing the content of an app inside a tarball or zip, thus is a security flaw of the OS, not of AppImage.
We designed AppImage specifically so that it does not need root rights, to allow users who are not administrators to get application software. But we do not somehow magically increase their permissions on the system. If the same application software was in a zip file rather than in an AppImage, it would be the exactly the same as far as permissions are concerned.
Great article: