by KerrAvon 1187 days ago
Insecurity through obscurity is possible even in open source. See log4j, but there are other examples — and infinite proofs of concept of people breaching repositories. Even on the desktop, you want multiple layers of security to limit potential damage.

Do use Linux on the desktop and be happy if it makes you happy, but don’t smugly assume you’re immune to the outside pressures in today’s world that are causing Apple to institute basic UI security measures on macOS. This isn’t a walled garden issue, it’s “make sure the user knows this binary is doing something that allows it to be a keylogger if the developer is so inclined.”

1 comments

Well yes but Linux has had solutions for this a long time. AppArmor, SELinux.

Some distros like RHEL already bundle apps with profiles that make sure the app can only do what it's supposed to do.

SELinux in particular is complex enough that many vendors just give up and write "disable SELinux" in the install manual...

Also it is totally not fit for the "ask user for permission" model.

Android app vendors are not writing their own policies. So there is a lot of code between SELinux and "what's actually usable to the user".

Like, stock Red Hat does too, it just took a ton of effort (and bugs) to get there.

But then it is a complex problem, so it's no wonder that the tools to do it are complex too.

I wouldn't actually mind an Android-like permission model for out-of-distro packages (snap/appimage/etc.), maybe a bit expanded so I could say set this, this and that folder for the "graphics editing app", and maybe save that as a profile to apply to some other similar app to ease on repetition/alert fatigue.

With maybe a layer to abstract some operations to not be just "allow this (remember choice)". Like file opening, if the app calls to open a file I "just" want a DM/WM-specific open dialogue, with the app/container name in the title, and select the file to open.

Same for editing, I'd want to be able to just get a dialogue "open file for editing", with the app name and the permission to edit said file saved for the duration of the session so the app doesn't need to re-ask me every time it saves the file.