by SoftwareMaven
5060 days ago
That's what the Mac App Store is starting to do, but unfortunately, it's "completely sandboxed in the store" or "not in the store". I'd like a model that started completely sandboxed but let me choose if I want to let it out of the sandbox in certain, well-monitored cases.
That's exactly what I mean. I envisage something kinda like Windows 7's UAC dialogs, but more specific than "this program wants root! [allow] [deny]" -- more along the lines of "this program wants to install a driver / write to such-and-such protected files (its own program folder/anywhere in Program Files/the Windows folder/...) / low-level disk access / to run at startup / etc. etc. [allow] [deny]".
Actually, I'd specifically forbid "all permissions" as an option; an enumeration of every permission a program wants would make the user more likely to notice unreasonable requests than a single item would, even if that single item's actually "everything". I get the impression, from seeing ordinary users dealing with UAC, that they don't usually appreciate quite how much power they're giving programs when they hit "allow".
I believe that's similar to what SELinux does, although I've never used it beyond observing its presence on university-owned computers.