by alphazard
1188 days ago
I'll take the other side of this. We have this concept of applications being "well behaved" if they only read and write from parts of the filesystem that users expect. The XDG directories are what most Linux and macOS users expect, even if they don't know about the standard. This well-behavedness feeds into the larger idea of high quality software. High quality means users are more likely to recommend it, engineers are more likely to respect the application's authors, etc. The problem with this is that it's all socially enforced, but it's not a social problem, it's a technical problem. The issue isn't that we haven't put enough pressure on developers to read the correct environment variables. It's that we have such a poor isolation story on UNIX that we have to care about where applications read and write from, rather than letting them do whatever they want in a sandbox. Many of the open source Docker images are on the right track here. Where does the persistent state go? /data. Where does the configuration go? /config. Where does the cached data go? /cache. All in the most obvious places right at the filesystem root. Those applications would be considered "badly behaved" outside the container, but inside, it's much easier to predict what they will do.
Technical enforcement is also not free - it has both a performance and usability cost that applies to everyone, not just bad actors. One of the things I like about free software is that it allows for high trust environments because you don't need technical restrictions but can instead rely on people not being dicks. I consider this similar to wanting to live in places where I don't have to worry about locking my doors and closing all windows every time I go to the store.