Sandboxed file access
Posted Sep 5, 2012 9:33 UTC (Wed) by khim
In reply to: Sandboxed file access
Parent article: Ubuntu's new app developer upload process proposal
Also, you should look at Qubes, from the previous post, which is actually attempting to be a secure desktop OS.
Well, it tries to build a secure desktop OS, but, as usual, in the end it'll create a secure server OS. On the desktop the biggest problem is the dancing pigs problem. MacOS and Ubuntu are trying to solve it by making it inconvenient for the end user to give full access to the homedir (you need to select files one after another to give them to the application). This works: the user will send a couple of dozen of his (or her) files to god-knows-where, but s/he'll quickly become bored and will just close the program without obtaining these valuable dancing pigs. Not an ideal outcome, but much better than what we have today. If you add the ability to request the user to open a directory and get access to all children, developers will start asking for access to /home/<username> right and left and dancing pig trojans will follow.