|
|
|
|
|
|
by codedokode
1122 days ago
|
|
|
> Applying capability models to these executables will require OS support or containerization, but the overhead for memory and disk will be huge. This is because most OSes use outdated security model where the app gets all privileges by default and poor users have to build containers to revoke them, that's why there is an overhead. If the extension only has access to project files then all applications launched by it should inherit its restrictions. |
|
|