Given this week’s release of Flatpak 1.17 for app sandboxing, open-source developer Sebastian Wick published a blog post on Tuesday around the latest Flatpak developments and a look ahead at some of the feature development planned. Arguably most significant of that is the plans for systemd-appd.
Sebastian Wick and Adrian Vovk are planning to develop “systemd-appd” as a new service to allow querying running app instances. The plans for systemd-appd are for being able to authenticate Flatpak instances and working towards a goal of supporting nested sandboxing. This will also be useful for work around PipeWire, eliminating the D-Bus proxy, and other modernization work.
Moving forward Flatpak and Flatpak-Next development is going to work on code in the areas of:
– Work on the systemd-appd concept
– Make varlink a feasible alternative to D-Bus
– D-Bus filtering in the D-Bus daemons
– Network sandboxing via pasta
– PipeWire policy for sandboxes
– New Portals
The systemd-appd at this point still needs to be developed but will be interesting to see how it turns out along with these other interesting Flatpak developments.
Those wanting to learn more about these efforts can do so via reading Wick’s blog.
