ɗℯʃƕρʋ

@yarmo Honestly, why do they even have access to that directory (or to any other file that doesn't belong to the application, and wasn't explicitly selected by a user), where also all the passwords and hashes and such are stored?

7 comments
CMDR Yojimbosan UTC+(12|13)

@deshipu @yarmo The 'app store' or mobile-phone-os approach seems like it's catching on.
We need a desktop OS that treats non-core software like a potential threat, rather than an obviously-trusted insider.

CMDR Yojimbosan UTC+(12|13)

@deshipu @yarmo Only sort-of ... Qubes has containers for "a task", and IIRC you can add whatever software you like to that task/domain. (not sure what terminology they use, but each domain is basically a VM+OS, not protected apps)

ɗℯʃƕρʋ

@yojimbo @yarmo I've heard somewhere that originally UNIX was not supposed to have the open() call exposed to user applications -- you could only manipulate the files you got as stdin, stdout and stderr. Then you could add an open() call that required user interaction to select the file -- handled by the system, not the program. It would solve a lot of problems. Unfortunately, the UNIX security focused on protecting the mainframe from the students that used it, not them from each other.

Rodolphe

@deshipu @yojimbo @yarmo I'd say SubgraphOS is closer to that than Qubes is. Qubes is using containers whereas Subgraph uses sandboxing. Linux can already do all that, it's just that we're lacking the UI to manage that.

CMDR Yojimbosan UTC+(12|13)

@rodolphe @deshipu @yarmo Cool, I hadn't seen SubgraphOS before.

My first thought is that it's combining security-from-applications with anonymity-from-the-internet using Tor, and I'd rather concentrate on the app security end. github.com/subgraph/oz/wiki/Oz looks like that piece, I'll enjoy reading about it ...

4censord

@deshipu @yarmo apps running in Flatpak are like this.
If you want to open a file from the host, you get the system file picker.
