## Copyright (C) 2012 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@kicksecure.com>
## See the file COPYING for copying conditions.

Source: sandbox-app-launcher
Section: misc
Priority: optional
Maintainer: Patrick Schleizer <adrelanos@kicksecure.com>
Build-Depends: debhelper (>= 13), debhelper-compat (= 13), dh-apparmor
Homepage: https://www.kicksecure.com/wiki/Sandbox-app-launcher
Vcs-Browser: https://github.com/Kicksecure/sandbox-app-launcher
Vcs-Git: https://github.com/Kicksecure/sandbox-app-launcher.git
Standards-Version: 4.7.2
Rules-Requires-Root: no

Package: sandbox-app-launcher
Architecture: all
Depends: sudo, bubblewrap, apparmor, libseccomp-dev, helper-scripts,
 dbus-x11, ${misc:Depends}
Description: application launcher to start apps in a restrictive sandbox
 sandbox-app-launcher runs each app as its own user, in a bubblewrap sandbox
 and confined by apparmor.
 .
 The directory, `/shared`, is shared across all app sandboxes to transfer
 files across.
 .
 This implements a permissions system to configure what apps can access.
 There are currently 5 available permissions:
 .
  * Network access
 .
  * Webcam access
 .
  * Microphone access
 .
  * Shared storage access (read-only or read-write)
 .
  * Dynamic native code execution
 .
 All apps the user installs will be automatically configured to run in
 the sandbox and a prompt will ask the user which permissions they wish to
 grant the application (not implemented yet).
 .
 Currently a WIP and not for actual use.
