by fulafel 1913 days ago
This is probably quite hard to implement without modifying the packaged applications. Needs something like a mechanism of pausing, instead of denying, a system call in the kernel and calling back to userspace, which would then load new policy into the ruleset on the fly and resume execution. Oh and reverse engineer the high level intent of the user / application far enough to present an intelligible question to the potentially nontechnical user.

Maybe some antivirus etc products manage to seemingly do things like this on Windows platforms, but they have generous support from the platform developed over decades, are executing custom 3rd party kernel drivers, are unhindered by opinionated kernel developers blocking the feature due to their distaste for these hacks, and the resulting system is still unsound and rife with stuff like TOCTOU vulnerabilities, and the prompts are not intelligible to nontechnical users.


Doesn't this imply that Linux is falling behind somewhat in the area of permissions management? Personally, I think that limiting access to files and such based on users and groups simply isn't enough and instead the user should be prompted (or should be able to configure) which piece of software is allowed to do what (network access, file system access, talking to specific devices) based on their own individual needs.

> Oh and reverse engineer the high level intent of the user / application far enough to present an intelligible question to the potentially nontechnical user.

I don't believe that this is such a big problem, since Android is pretty explicit about this - a camera app asking for access to my contacts will simply get denied and will promptly be uninstalled.

Depends on your POV I guess, whether you think this model is a worthy one. Personally I think we'd be better off building simpler and more understandable compartmentalization.

Re Android, it was designed from the ground up for this (the camera app request is even called "Intent"). So it's not really solving the question of running unmodified applications.

Isn't this something that was addressed already years ago by SELinux, even before Android? Personally I prefer to not use it since I don't find it very user friendly but Fedora seems to have it activated by default.

> Doesn't this imply that Linux is falling behind somewhat in the area of permissions management?

This happened years ago. Linux is way behind.

Android only uses the Linux kernel, everything else is completely unrelated to GNU/Linux, besides the lockdown enforced via LinuxSE and seccomp, so Google could naturally make this kind of customization.