|
|
|
|
|
|
by ilyt
1324 days ago
|
|
|
Well, kinda. For user, sure, but we could definitely get some security from having more granular permission for apps that the user runs (without going into extremes like Qubes OS). For example, sound demon like pulseaudio runs as your user (...for some reason, fucking Lennart) but it really should not have write access to anything aside from its own config and for 99,99% users also not have access to read anything your user owns aside from its own config. Even browsers should probably be limited, or user should at least get prompt, there is little reason to allow browser to dig around your system willy nilly, let alone in locations like ~/.ssh |
|
|