by noizejoy 1809 days ago
It’s been too many years since I had detailed professional involvement with computer and network security, so I apologize if this question is stupid, and I’m not even sure if it’s phrased quite right by modern standards:

On a computer shared by multiple people and multiple applications, shouldn’t privileges be assigned at the intersection between user and app (and/or groupings thereof)? And if there were some sort of privileges table, it would have a composite key consisting of app-id and user-id.

Is any modern OS actually set up that way and if yes, is there any way to generate a report to show the combination of user/app privileges?

2 comments

Last I checked (which was quite a while ago), Android with multi-user support did in fact assign one Linux UID to each (user, app) tuple! But I don't recall there being a particularly rich privilege model available in practice for the multi-user sharing case, only for isolation. Inter-app intents were handled using Binder IPC underneath; I don't know what use that made of the Linux credentials.

Many server applications handle user separation internally, without reference to the underlying OS, while application separation is much stronger (separate VMs, SELinux, etc.), and desktop platforms have user separation but often-unsandboxed apps, so those are in some ways duals of each other…

I'm not sure what Windows does with UWP and sandboxed apps from the Microsoft Store, but that would be a good place to look.
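The (user, app) → UID scheme the comment above describes, as an added example that is not part of the thread: the arithmetic is Android's UserHandle.getUid (PER_USER_RANGE = 100000, uid = userId * 100000 + appId) and the app/isolated app-id ranges from Process.java and android_filesystem_config.h; the package names, app ids and permission grants in the sample table are constructed for illustration, and the report function that keys rows by (user, app) is a sketch of the "composite key" table the question asks about, not anything Android ships.

```python
"""Added example (not from the thread): how Android folds a (user, app) pair
into one Linux UID, and a small report keyed by that composite (user, app) key.

Arithmetic follows Android's UserHandle: PER_USER_RANGE = 100000 and
uid = userId * PER_USER_RANGE + appId. Unlike UserHandle.getUid, which wraps
appId with a modulo, this example rejects out-of-range app ids outright.
The sample app table below is constructed; packages and grants are made up.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

PER_USER_RANGE = 100000        # UserHandle.PER_USER_RANGE
FIRST_APPLICATION_UID = 10000  # Process.FIRST_APPLICATION_UID
LAST_APPLICATION_UID = 19999   # Process.LAST_APPLICATION_UID
FIRST_ISOLATED_UID = 90000     # AID_ISOLATED_START (isolated service processes)
LAST_ISOLATED_UID = 99999      # AID_ISOLATED_END


def android_uid(user_id: int, app_id: int) -> int:
    """UserHandle.getUid(userId, appId): one Linux UID per (user, app) tuple."""
    if user_id < 0:
        raise ValueError("user_id must be non-negative")
    if not 0 <= app_id < PER_USER_RANGE:
        raise ValueError(f"app_id {app_id} is outside a single user's range")
    return user_id * PER_USER_RANGE + app_id


def split_uid(uid: int) -> Tuple[int, int]:
    """Inverse of android_uid: (UserHandle.getUserId(uid), UserHandle.getAppId(uid))."""
    return divmod(uid, PER_USER_RANGE)


def is_app_uid(uid: int) -> bool:
    """True for a regular (non-system, non-isolated) app UID in any user's range."""
    _, app_id = split_uid(uid)
    return FIRST_APPLICATION_UID <= app_id <= LAST_APPLICATION_UID


def is_isolated_uid(uid: int) -> bool:
    """True for the throwaway UIDs Android hands to isolatedProcess services."""
    _, app_id = split_uid(uid)
    return FIRST_ISOLATED_UID <= app_id <= LAST_ISOLATED_UID


@dataclass(frozen=True)
class AppGrant:
    package: str
    app_id: int                  # same app_id for every user the app is installed for
    permissions: Tuple[str, ...]  # runtime grants, which Android keeps per user


# Constructed sample data: one package installed for two users with different
# permission grants, plus a second package present only for user 10.
SAMPLE_GRANTS: Dict[Tuple[int, str], AppGrant] = {
    (0, "com.example.maps"): AppGrant("com.example.maps", 10057,
                                      ("ACCESS_FINE_LOCATION", "INTERNET")),
    (10, "com.example.maps"): AppGrant("com.example.maps", 10057,
                                       ("INTERNET",)),
    (10, "com.example.camera"): AppGrant("com.example.camera", 10061,
                                         ("CAMERA",)),
}


def privilege_report(grants: Dict[Tuple[int, str], AppGrant]) -> List[Tuple[int, str, int, str]]:
    """Rows of (user_id, package, linux_uid, comma-joined permissions),
    ordered by the composite key (user_id, package)."""
    rows: List[Tuple[int, str, int, str]] = []
    for (user_id, package), grant in sorted(grants.items()):
        uid = android_uid(user_id, grant.app_id)
        rows.append((user_id, package, uid, ",".join(grant.permissions)))
    return rows


if __name__ == "__main__":
    for user_id, package, uid, perms in privilege_report(SAMPLE_GRANTS):
        print(f"user={user_id:<3} uid={uid:<8} {package:<20} {perms}")
```

The point the report makes visible is that the same package gets a different Linux UID for each user (10057 for user 0, 1010057 for user 10), so kernel-level isolation follows the (user, app) key automatically, while the permission column is bookkeeping the framework keeps on top of that UID rather than something the kernel enforces.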

I'm fairly sure that anything permission related has been completely mangled beyond all recognizability in this brave new world of "why should users be burdened with understanding the basic abstractions and mechanics of computing, just give them an app!"

Except now we have two permission problems...