> able to see other people's processes and see who has a home directory just isn't an issue.
Depends on what kind of service you build. For many kinds of services privacy is a must. If you offer some kind of hosted computing or thin client server, it's just not acceptable that different customers see each other. Even within 1 company you might be legally obliged to maintain 100% isolation.
> Achieving that would require far more invasive changes for,
Probably, I have not thought very well about all the open "windows" we have today.
> as far as I can see, zero benefit.
The benefit would be that you can build a multi-user system with complete isolation on a single kernel.
> If you want that kind of isolation, use VMs.
Of course that's what I have to do today because Linux is not multi-user (if strict privacy is required). But the overhead of running VMs is orders of magnitudes higher than of having the isolation inside a single kernel.
Please note that I did not say we need multi-user support.
I'm just saying:
- Multi-user support (where user is a human, not some daemon account in the system) in 2011 requires privacy
- Linux is not multi-user in that sense, it is multi-user in the sense of the 1970s or 80s
- Because the difference is not made obvious, some people write patches, which others don't accept.
- Those who don't accept the patches, don't (dare to?) say clearly that their goal is to support single user systems only.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds