Specifically, there should be a strong distinction between the privileges of a USER, and the privileges of a PROGRAM, which should NOT get all the privileges of the user who runs it (actually, it should get none, by default).
It would be nice if someone finally realized this, and fixed the issue, for example by assigning an uid to each user+program combination like Android does.
Like the article says, users nowadays would really like (and sometimes even expect) to run an arbitrary untrusted program WITHOUT it being able to cause any damage.
This includes not being able to put a trojan in $HOME/.profile, logging keystrokes, destroying your documents, etc; fixing all this requires to change the permission model, not paper over ptrace.
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds