|
|
|
|
|
|
by fiddlerwoaroof
1880 days ago
|
|
|
So, my take has been that Apple’s been doing a long push to switch incrementally from a Unix user/group/ACL security mode to a capability model: the various entitlements, things like PowerBox not having an API, notarization, etc. The big issue I’ve always had with capability security (as implemented here and in Fuschia) is that, while it is a better security model in many ways, it’s also a lot easier to use against developers and power users, especially when you depend on PKI to implement your unforgeable tokens. |
|
|