Hacker News
by Const-me 1612 days ago
> Strict control over APIs and power usage

These are doable with technical measures. Modern OS kernels are multi-user; when implemented properly, their user isolation features are very hard to break. If an OS doesn’t want apps to have some APIs, it shouldn’t expose that API to apps. For instance, Linux doesn’t allow users to pretend they’re someone else, but that’s not enforced by curation; instead, APIs like setresuid() only work if the caller is root.

Similarly, if the OS doesn’t like high resource usage of background services, it has technical tools to enforce various limits. An easy enforcement method is killing the offending process. For instance, in Windows Phone 7, background audio agents were limited to 15 MB RAM. If a background audio process exceeds that limit, the OS silently kills the process and audio stops playing.

When something is doable with technical measures or curation, technical measures are almost always better because the curation is fundamentally unreliable.
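
The kill-on-overuse enforcement described in the comment above, as an added example that is not part of the original comment: on Linux/POSIX the kernel terminates a process that exceeds its `RLIMIT_CPU` budget, whatever the process itself intends. It uses a CPU-time limit rather than the memory cap the comment mentions, and the names `run_with_cpu_limit`, `greedy` and `polite` are hypothetical.

```c
/* Added example: kernel-enforced CPU budget via RLIMIT_CPU (Linux/POSIX). */
#include <signal.h>
#include <stdio.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical workloads standing in for a background service. */
static void greedy(void) { for (volatile unsigned long i = 0;; i++) { } }
static void polite(void) { /* finishes well inside its budget */ }

/* Run `work` in a child whose soft CPU limit is `cpu_secs` seconds.
 * Returns the signal that killed the child, 0 if it exited cleanly,
 * or -1 on error. */
int run_with_cpu_limit(void (*work)(void), rlim_t cpu_secs)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        struct rlimit lim;
        /* Make sure an inherited "ignore" disposition cannot mask the limit. */
        signal(SIGXCPU, SIG_DFL);
        /* Lowering the soft limit needs no privilege; keep the hard limit. */
        if (getrlimit(RLIMIT_CPU, &lim) != 0)
            _exit(127);
        lim.rlim_cur = cpu_secs;
        if (setrlimit(RLIMIT_CPU, &lim) != 0)
            _exit(127);
        work();
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    if (WIFSIGNALED(status))
        return WTERMSIG(status);   /* the kernel ended the process */
    return WEXITSTATUS(status) == 0 ? 0 : -1;
}

int main(void)
{
    printf("polite -> %d\n", run_with_cpu_limit(polite, 1));
    printf("greedy -> %d (SIGXCPU is %d)\n",
           run_with_cpu_limit(greedy, 1), SIGXCPU);
    return 0;
}
```

The greedy child never asks to be stopped and contains no cooperative check; the limit is applied by the kernel from outside the workload's code.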