[Openmcl-devel] Apple To Require Sandboxing For Mac App Store Apps - Slashdot
tfb at tfeb.org
Mon Nov 7 21:44:40 UTC 2011
On 7 Nov 2011, at 20:21, Robert Goldman wrote:
> As a user of an Android phone, I would not endorse this as a panacea.
> It burdens the users with a flood of information, of dubious usefulness
> (even the current set of privilege classes is a lot, and it is quite
> gross compared to a useful ACL scheme), and which most users are
> unprepared to manage. It seems like a far-from-optimal point in the
> complexity versus information tradeoff.
That doesn't really describe what I'm thinking of. My idea is that in the app store there would be a class of applications which are "safe" in the "are sandboxed" sense, and that almost everything would be in this class. These would be like iOS apps or whatever - you should basically be able to assume they won't be able to nuke your machine (or leak your private data, which is worse). For the small number of things *not* in that class you would need to make a more informed decision: "this is a development environment, it can ...", "this is a new release of the OS, it has unbounded HW access", and so on.
I definitely was not thinking that for every thing you installed you'd have to evaluate whether you were happy with some complicated privilege vector.
More information about the Openmcl-devel