• Rustmilian
    link
    English
    1
    edit-2
    6 months ago

    It’s a bit hard to understand what she was saying because she likes super low level, even for me. But she’s was talking about how the VM is created & then the driver gets mapped directly into the VM. It’s a really interesting concept.
    I’ll have to go back when the steam ends and pay closer attention to further grasp it.

    • @[email protected]
      link
      fedilink
      16 months ago

      It really is cool, miniature VMs are such a good concept for security like QubesOS but actually possible.

      ChromeOSs Linux VM is also crazy. It is a VM, running a container image. Actually is that krun?? It seems similar.

      Then the stuff is streamed to the wayland compositor and displayed like regular windows.

      Such a cool, secure and minimalist concept.

      • Rustmilian
        link
        English
        1
        edit-2
        6 months ago

        Speak of containers, you just reminded me of Waydroid, such a cool underrated project.
        All this stuff is really really cool. Anything that allows running software from completely different OS’s and Architectures are just a wonder and they help with software preservation which is very important to me.

        • @[email protected]
          link
          fedilink
          16 months ago

          Poorly Waydroid is just vaguely secure on Distros that use SELinux, as Android uses it as a major part of its app sandboxing (called SEAndroid).

          So if you run Waydroid on Ubuntu, which will be the most common way, (and to my knowledge was the first possible one, until aleasto packaged it on Fedora), you will have no sandboxing at all.

          Also the Waydroid container runs as root, even though unprivileged containers can also get access to all the stuff needed. Most notably, Bluetooth doesnt even work, even though Waydroid runs as root, lol.

          Waydroid is a perfect exable of a hacked solution simply ran as root, to circumvent any real solutions for the needed access.

          Also it uses Android 11, which for some reason I forgot was easier to port.

          The concept is cool though, just needs

          1. Upgrading to Android/GrapheneOS 14
          2. Running in a rootless and restricted container
          3. OR running in a VM, so that SELinux can work on all distros
          • Rustmilian
            link
            English
            1
            edit-2
            6 months ago

            Waydroid uses LXC in the backend, this should help with your networking issues, and 3rd party tools allow for installing Android 13 on it, among ARM translation layers & Magisk.

            • @[email protected]
              link
              fedilink
              16 months ago

              Yes, a rootful LXC container. At least to my knowledge.

              Thanks but Bluetooth, gabeldorsche, not network.

              And Android 13 is not 14, even though very interesting, didnt know that.

              • Rustmilian
                link
                English
                1
                edit-2
                6 months ago

                You’re right. Sorry, I haven’t slept for like 48hrs. Words moving around and changing way more than usual (dyslexia on crack rn).

                  • Rustmilian
                    link
                    English
                    16 months ago

                    Thanks for your concern 😚, I went to bed after sending that. Still tired, but I’m off work today so I’ll probs take a nap later. ❤️