App confinement for Ubuntu mobile devices
Posted Apr 25, 2013 8:56 UTC (Thu) by ovitters (subscriber, #27950)
Posted Apr 25, 2013 9:32 UTC (Thu) by khim (subscriber, #9252)
It's not just non-free applications. Even free applications can be buggy. Unix permissions and the whole security model was invented for the world where large iron machines server tens or may be hundreds of users and you need to protect users from other users. In today's desktop world this deteriorates to this XKCD strip. Practically speaking today Linux desktop "security" is much closer to MS DOS security model then to any other security model.
I know these things take time but this is getting ridiculous: change in security happened twenty years ago when Internet become ubiquitous yet Linux security model is still centered around "one standalone large machine with hundreds of terminals" which is barely ever used anymore.
Posted Apr 26, 2013 11:37 UTC (Fri) by sorpigal (subscriber, #36106)
Posted Apr 26, 2013 16:08 UTC (Fri) by dlang (subscriber, #313)
Posted Apr 26, 2013 19:12 UTC (Fri) by dtlin (✭ supporter ✭, #36537)
Each user gets a different UID space so every (user × app signature) gets a different UID. I'm not sure what you mean by "fun", this part seems pretty straightforward.
Having mostly-separate data and settings (with a few globals shared between users) is the interesting part, but that's probably equal amounts of fun with either 2 or M+N UIDs.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds