On Fri, 01 Aug 2025 at 11:23:41 +0200, Wouter Verhelst wrote:
Parental controls don't need a separate section. They need you to not
give root access to the child.
No amount of parental-controls integration is going to prevent someone
with root access from bypassing it, because the whole point of root
access is that it's total control over the system, including the ability
to add and remove parental-controls software.
I could see us perhaps add a field to debian/control to say "in
jurisdiction X, this package is considered acceptable for people over Y
years of age", and then add some controls in apt to disallow it to
install packages marked as such
It's perhaps worth mentioning that Flatpak (which does allow installing
apps without root access) has a simple implementation of parental
controls via OARS <https://hughsie.github.io/oars/> metadata in the
apps' Appstream metadata. The actual parental controls bit is the
malcontent package (which I believe was originally developed for Endless
OS, a Flatpak-centric Debian derivative), Flatpak just talks to it.
The quakespasm and crispy-doom packages are examples of .deb packages
that contain non-trivial OARS metadata in their files in
/usr/share/metainfo. An OARS rating is a requirement for Flatpak apps to
be added to Flathub, and Appstream encourages sending all metadata
upstream instead of maintaining it as a distro patch, so lots of other
apps have one, even if the content rating is "there is nothing
potentially objectionable here" (for example see gnome-calculator).
If this is something we want in the apt/dpkg ecosystem (more likely as
an advisory thing than as a "gate", for the reasons above), then reusing
the OARS vocabulary and its encoding into the Appstream metadata seems a
lot more viable than inventing a Debian-specific thing that won't
benefit from work done by other distributions and other packaging
formats.
smcv
