LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Sandboxed file access

Sandboxed file access

Posted Sep 5, 2012 9:33 UTC (Wed) by khim (subscriber, #9252)
In reply to: Sandboxed file access by geofft
Parent article: Ubuntu's new app developer upload process proposal

Also, you should look at Qubes, from the previous post, which is actually attempting to be a secure desktop OS.

Well, it tries to build a secure desktop OS, but, as usual, in the end it'll create secure server OS. On desktop the biggest problem is Dancing pigs problem. MacOS and Ubuntu are trying to solve it by making it inconviniet for the end-user to give full access to the homedir (you need to select files one-after-another to give them to the application). This works: user will send comple of dozen of his (or her) files to-god-knows-where but s/he'll quickly become bored and will just close the program without obtaining these valuable dancing pigs. Not an ideal outcome but much better then what we have today. If you'll add the ability to request the user to open a directory and get access to all children developers will start asking for the access to /home/<username> right and left and dancing pig trojans will follow.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds