@deshipu@yarmo Only sort-of ... Qubes has containers for "a task", and IIRC you can add whatever software you like to that task/domain. (not sure what terminology they use, but each domain is basically a VM+OS, not protected apps)
@yojimbo@yarmo I've heard somewhere that originally UNIX was not supposed to have the open() call exposed to user applications -- you could only manipulate the files you got as stdin, stdout and stderr. Then you could add an open() call that required user interaction to select the file -- handled by the system, not the program. It would solve a lot of problems. Unfortunately, the UNIX security focused on protecting the mainframe from the students that used it, not them from each other.
Gregory's Server
@yojimbo @yarmo I've heard somewhere that originally UNIX was not supposed to have the open() call exposed to user applications -- you could only manipulate the files you got as stdin, stdout and stderr. Then you could add an open() call that required user interaction to select the file -- handled by the system, not the program. It would solve a lot of problems. Unfortunately, the UNIX security focused on protecting the mainframe from the students that used it, not them from each other.