|
|
|
|
|
|
by int_19h
2816 days ago
|
|
|
> but overwriting files it didn't create itself restricted behind a permission prompt It's more nuanced than that. A user might not even have a .bashrc, but you still don't want to allow any random app to create one. In general, it feels like the security model for the FS has to distinguish things that can be executed, and things that cannot. Which it already does on Unix with +x, but then you've got all the scripting languages that cheerfully ignore that, and all the apps that use executable configs etc. If you can fix all those such that +x is required for any source of executable code on the system, then you can just prohibit apps from creating +x files. But the cost of doing that in the existing ecosystem is enormous. |
|
|