|
|
|
|
|
|
by yencabulator
894 days ago
|
|
|
I think a key part of solving that is by not thinking of it as a set of security enforcement rules on top of the preexisting platform, but as a new platform (that just runs everywhere). So, instead of ACL listing what files can be accessed, shove it in a sandbox where the app has its own files, and the platform open file dialog enables the user to authorize one-time access to individual files. You basically can't take a complex thing and write complex security rules for it and expect success & real world adoption. |
|
|