by egsmith
5348 days ago
Is that really the complete list of privileges? It says a child process can inherit the sandbox but not that a child process can be created. I mention it because I think the plug-in issue could be solved with child processes and sockets, or something similar. Also, a typical program now can't access a generic Thunderbolt device directly (it would be done via the file system, which is a possible privilege). Thunderbolt devices are in PCI address space and this needs to be done via the kernel even now. But it does raise a question: what about 3rd party device drivers? All in all, I think most of these sandbox arguments underestimate developer creativity.