Iavael
Iavael
@jtnord just saying, but you'd better adjust "nofile" rlimit in your image to prevent memory leak. Openldap has some strange magic, which makes it eat a lot of memory and...
This doesn't look secure. At least put this behavior behind environment variable flag.
@l-sousa Make sure that your user is in tss group and group ownership of /var/lib/tpm2-tss (so as all included files/directories) belongs to same group
@Nokia808 that's not how it works. "--user" flag controls only the path, where flatpak is installed (your home directory instead of /var/lib/flatpak), but has nothing to do with runtime permissions...
@Nokia808 your assumptions are correct, but only in case if *you don't run software in flatpak*. Yes, if software runs as your user, it can do only what your user...
@TheAssassin I'll take a deeper look during this week because I have some issues with broadband internet connection now.
Ok, I've finished all adjustments. Ready for review.
@TheAssassin in case, if message about adjustments had been finished got lost among notifications, humbly remind you about my PR being ready for review.
As for software enclaves: I think it's better to utilize OS-provided tools like [keyrings](https://man7.org/linux/man-pages/man7/keyrings.7.html) in linux (kernel ones, not those like gnome-keyring), rather than yet another userspace in-memory storage. Because...