I’m pleased to share that our paper, “A Study of Application Sandbox Policies in Linux,” will appear at SACMAT 2022 in June. In this work, WSPR PhD student Trevor Dunlap, in collaboration with his co-advisors Will Enck and myself, examine the brave new worlds of Linux desktop application distribution: Flatpak and Snap. These competing platforms are already used by millions, and will likely become the defacto method of distributing apps on Linux moving forward — complementing if not replacing traditional package managers like apt and yum. Our paper examines the sandbox policies of these systems, finding that package maintainers seem to be doing their level best to implement least-privilege policies, but occasionally get it wrong — leading to failed functionality or creating chances for compromise. More details soon!