I read about the New Stuff Manager on some Gnome list recently. Essentially it is a way to download python applets (into the deskbar… I don’t think I know what that is) from the net.
The design is rather scary… as in, maybe it will have signatures of some kind for security. No sandboxing available.
Naturally this area is already addressed in Java; there’s JNLP (aka “Java Web Start”; I never did learn what that acronym stands for. Probably, “Hey, This is Cool”). The idea is that applications are described by some XML, can be downloaded from the web, can be run in a sandbox (or signed and then trusted), can auto-update themselves, and a couple other niceties. I’ve blogged about this all before, since I occasionally play around with the netx implementation.
In fact, my goal with netx goes a bit further than the New Stuff Manager: I want to be able to drag a JNLP link from mozilla to the panel, and have it automatically cache the application for future offline use. As part of this it should also be possible to preload the JNLP cache with useful applications. Most of the pieces to achieve this already exist.
What stops me from finishing it, aside from the usual things, is that I’m not really convinced it serves a need. My own experiments with it have been technology driven — it is fun to play with. And that is fine for playing around. But in terms of, say, putting this into the platform, the question has to be whether it serves a user need.
Right now I don’t think that deployment is the most pressing issue facing Gnome. It seems unlikely to me that it is even on the top 5 list… instead Gnome seems to be in a more serious existential crisis, trying, once again, to decide what it is all about.
That said, there are situations where being able to download little runnable bits in a secure way does make sense. I’m thinking about Apple’s dashboard here — an area where applications are small, highly specialized, and perhaps topical or timely (e.g., I saw one for tracking world cup scores). One way to approach the security problem might be to simply restrict all downloads to gnome.org, and then have a vetting process before uploading anything; but this is really second best to having security designed into the runtime.
Speaking of Gnome — lately I’ve been wishing that Gnome had a “task manager”, which would sit in the notification area and track long-running tasks for me. This would let me start something (a download, a build in Eclipse — even a “make” with some little wrapper script) and then switch virtual desktops (or hide the application), so I could ignore it until it was finished, at which point it would pop up a helpful notification. Perhaps the applet would have a way to cancel the task a well.Â Is this loony?Â Has anybody else wanted this?