Hacker News new | ask | show | jobs
by gf000 533 days ago
Or maybe the Linux Desktop (used by a couple of people) should use more code from the android project (which is the biggest OS on the Earth)

The latter has sane sandboxing, proper IPC, an app lifecycle that makes sense for embedded devices (an app in the background should only ever take CPU time if it has an explicit service with permission for that) etc.
1 comments
zozbot234 533 days ago
Plain old Linux has these features. For example:

> an app in the background should only ever take CPU time if it has an explicit service with permission for that

You can run your services in a cgroup and use "freeze" and "thaw" support for that purpose.

link
gf000 533 days ago
It doesn't have it, because this is like security. You either have it everywhere, or it doesn't matter.

Sure, the Linux kernel is very capable, but the "gnu" userspace doesn't make good use of its features. Android makes much better use and has a bunch of software that could be re-used on the former as well.

link
ykonstant 533 days ago
Is the reason GNU doesn't use these kernel features aggressively that they want to be portable? Or something else?
link
zozbot234 533 days ago
Freezing background apps just isn't needed all that much if you run a fully FLOSS system. It's much more of a concern for proprietary software where you don't have the source code available. There's a similar story for sandboxing actually, it's not a coincidence that it's been getting more popular as proprietary apps have been made widely available via Flathub and the like.
link
gf000 533 days ago
What, FLOSS systems run on unicorn blood or what?

There is a reason why Pinephone and similar run hot as hell for a couple of hours of uptime only. But Linux laptops also have a terrible track record here. It has nothing to do with privacy, it's purely there to properly save energy.

And come on, Linux Desktop has terrible security, just because no one targets the 3% marketshare doesn't mean that they are safe at all. Especially that security is independent of "proprietariness". You can have, say, an open source PDF reader with a vulnerability - you only need to open a malicious PDF file to have your system corrupted. Putting our heads into the sand is not a good idea.

link
nextaccountic 533 days ago
You "can" in the sense that the kernel technically supports, but realistically, who does that for all programs they use?

Android userland is actually better designed in some ways

link