Theme fund: NGI0 Entrust
Start: 2023-02
Operating Systems

Spectrum Applications

Add running graphical applications to the compartmentalized desktop OS Spectrum

Spectrum is a project that aims to develop a secure, compartmentalized desktop operating system with security and usability improvements over other existing implementations. This project will improve Spectrum's support for running graphical applications. Currently, users have to manually create virtual machines by laying out a configuration directory themselves (or using a helper Nix function). Running a new application often requires some customisation work on the VM to set up the environment suitably for the application to run and defining access controls - and there is no facility to create a VM on the fly.

After this project is done, the system will be able to automatically start VMs on the fly for applications packaged as AppImages, and applications will be able to dynamically request access to files using the existing XDG Desktop Portals interface that is already implemented by major toolkits (so File→Open… will just work in unmodified applications, with the user able to select from all their files without the application being able to see them). The foundations will have been laid to go on to support applications packaged in other ways, such as Flatpak (which could be follow-up work, should this initial stage be successful).

This project was funded through the NGI0 Entrust Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 101069594.