Another OCI runtime "written in Rust".
Malgré que je sois retombé malade alors que j'ai eu la crève il y a à peine un mois (bien mes anticorps en mousse), j'ai pu faire cet article : https://wonderfall.space/storage-scopes/
En espérant que ce soit assez clair, sinon je peux toujours le modifier. Peace
Here's an example: Tachiyomi is a popular manga reader app with offline features that need the invasive WRITE_EXTERNAL_STORAGE permission. It doesn't need that obviously, and should use scoped storage features + SAF. This isn't a problem with Storage Scopes. :)
Enter Storage Scopes! When you enable the feature for a given app, it will think it has the necessary access to files/media, but it only has access to its own, well, storage scope. Furthermore, you can manually add directories/files access with the system picker, much like SAF.
User profiles were already a powerful to compartmentalize apps further. The same app sandbox rules apply, but you didn't have to fear granting such invasive permissions on a profile w/o your data on it and w/ different encryption keys.
Powerful, but sometimes cumbersome.
That's huge for iOS security! And Safari might suck less:
J'ai publié un nouvel édito, pour parler un peu de tout ou rien : https://wonderfall.space/petit-edito/
I've been working mostly on Accrescent client improvements lately, so I thought I'd give you all an update on apkstat, the APK parsing library I'm writing in Go for the developer portal: https://github.com/accrescent/meta/issues/7#issuecomment-1163723982.
In short, progress is going very well and there's a clear path forward for increasing robustness and achieving parity with upstream.
I believe apkstat is already better than https://github.com/shogo82148/androidbinary (which was very helpful in getting apkstat off the ground btw).
More context: Bromite and Vanadium used to share code together, not so much on the Vanadium-side recently due to licensing issues. But this wasn't a huge issue and GrapheneOS had no problem with Bromite.
It's a problem when the abusers are reusing code from Bromite which was made by GrapheneOS contributors and community members. A bit of decency is required.
Really sad CalyxOS decided to fuck things up between Bromite and GrapheneOS. Context: https://github.com/bromite/bromite/pull/2102
I get what the Bromite devs are trying to say, but you can't just take a neutral stance by refusing to see evidences of abuse. Claims are ready to be backed up by evidences, these are not just random claims.
Bromite is a project I used to like, although I don't use it nowadays. I still hope this is a huge misunderstanding.
I'm interested in many things! Here, I mainly write about infosec, photography, and pharmacology.
Just another single-user instance.