Sandboxing by default

I want to know whether Fedora, as Linux, has proper sandboxing for security like AOSP or Graphene OS.
If not, will it be implemented in the next release?
Proper sandboxing gives better security and privacy. What do we think?

Graphene OS and AOSP are Android operating systems based on the Linux kernel. “Sandboxing” in Android comes from the way APK works, which creates “sandboxes” for each APK installed in order to isolate them from the rest of the OS. Graphene OS adds a few features to the “sandbox”, namely, some configuration settings to tweak how the sandbox runtime handles permissions to the base OS.

A similar concept in Linux (and computing in general) is Containers, for which Linux has had support for several years, and before that there were “BSD Jails” for BSD systems, which are similar to Linux systems in a lot of ways, but differ on some pretty fundamental levels.

Fedora, like almost all Linux distributions available today, has support for Containers natively through a few mechanisms. Podman is a personal favorite of mine and boasts almost no setup to get started. Docker is another tool that will allow you to run containers and has the benefit of being one of the first container tools aimed at ease of use for developers. Flatpak uses container technologies under the hood and is quickly becoming the gold standard for distributing software across Linux distributions.

If you’re very concerned with security specifically, and privacy in general, I highly recommend taking a look at Fedora Silverblue which is centered around keeping the base system small, immutable, and container friendly, among other things.

5 Likes