Comment by Dig1t 3 days ago

4 replies

Mac and iOS have something that is almost exactly the same as this called sandboxing. When a daemon or app starts, one of the first things it does (usually right inside of “main”) is enable the sandbox and declare which resources to whitelist; everything else is denied.

It is only useful for guarding your own process against someone using malicious inputs to get your process to do something you don’t intend. It is not a guard against programs written by malicious actors (malware); there exist other mechanisms to guard against malware.
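
The self-sandboxing pattern Dig1t describes, as an added C example that is not part of this thread: it assumes the macOS `sandbox_init()` API from `<sandbox.h>` (Apple marks it deprecated, but it still ships) and the SBPL profile language; both are assumptions of this example rather than anything quoted in the comments. The `build_profile` and `apply_sandbox` names and the whitelisted directories are constructed for illustration. On non-Apple systems the apply step compiles to a no-op so the profile builder can still be exercised.

```c
/* Added example (not from the thread): "sandbox yourself first thing in main".
 * Assumes macOS sandbox_init() and SBPL; compiled out elsewhere. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifdef __APPLE__
#include <sandbox.h>
#endif

/* Build a default-deny SBPL profile that whitelists read access to the given
 * directories plus sysctl reads (which most daemons need at startup).
 * Returns a malloc'd string the caller frees, or NULL on failure/truncation. */
char *build_profile(const char *const *readable_dirs, size_t ndirs) {
    size_t cap = 256 + ndirs * 256;
    char *buf = malloc(cap);
    if (!buf) return NULL;
    size_t len = 0;
    int n = snprintf(buf, cap, "(version 1)\n(deny default)\n");
    if (n < 0 || (size_t)n >= cap) { free(buf); return NULL; }
    len += (size_t)n;
    for (size_t i = 0; i < ndirs; i++) {
        n = snprintf(buf + len, cap - len,
                     "(allow file-read* (subpath \"%s\"))\n", readable_dirs[i]);
        if (n < 0 || (size_t)n >= cap - len) { free(buf); return NULL; }
        len += (size_t)n;
    }
    n = snprintf(buf + len, cap - len, "(allow sysctl-read)\n");
    if (n < 0 || (size_t)n >= cap - len) { free(buf); return NULL; }
    return buf;
}

/* Enable the sandbox for the calling process. Returns 0 on success, -1 if the
 * kernel rejected the profile, and 1 when built without sandbox_init() (nothing
 * is applied). Once applied, the restriction cannot be undone by the process. */
int apply_sandbox(const char *profile) {
#ifdef __APPLE__
    char *err = NULL;
    if (sandbox_init(profile, 0, &err) != 0) {   /* 0 = profile is SBPL text */
        fprintf(stderr, "sandbox_init: %s\n", err ? err : "unknown error");
        sandbox_free_error(err);
        return -1;
    }
    return 0;
#else
    (void)profile;
    return 1;
#endif
}

int main(void) {
    /* Constructed whitelist: only these subtrees stay readable. */
    const char *dirs[] = { "/usr/lib", "/etc/mydaemon" };
    char *profile = build_profile(dirs, 2);
    if (!profile) return 1;
    /* Apply before any real work, so a later input-handling bug cannot reach
     * anything outside the whitelist. */
    int rc = apply_sandbox(profile);
    free(profile);
    /* On macOS this open is outside the whitelist and fails; elsewhere it succeeds. */
    FILE *f = fopen("/etc/passwd", "r");
    printf("open /etc/passwd: %s (sandbox rc=%d)\n", f ? "allowed" : "denied", rc);
    if (f) fclose(f);
    return 0;
}
```

Note the order in `main`: the profile is applied before any file or network activity, which is the point of the pattern. Anything the process needs later (a config directory, a socket) has to be whitelisted up front, because there is no way to widen the sandbox afterwards.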

fragmede 3 days ago

Linux has selinux and apparmor already.

  • staticassertion 3 days ago

    SELinux and Apparmor are typically configured by admins. They require root privileges and are designed with human interfaces. It is certainly atypical for a program to say "hey kernel, apply this apparmor profile to me" and they're not designed for incrementally dropping rights either.

    On Windows and MacOS programs are free to sandbox themselves programmatically and without privileges. Linux is the odd one out: basically every way of reducing your privileges programmatically requires already being root, or at least having an admin preconfigure the system in a way that would allow it.

  • baq 3 days ago

    Which both are so hard to get correctly that everyone on the desktop disables them. Ergonomics matter.

    • preisschild 3 days ago

      That's not true. Fedora has SELinux enabled by default and I don't have issues with it.