by EvilTerran
5065 days ago
> let me choose if I want to let it out of the sandbox in certain, well-monitored cases

That's exactly what I mean. I envisage something kinda like Windows 7's UAC dialogs, but more specific than "this program wants root! [allow] [deny]" -- more along the lines of "this program wants to install a driver / write to such-and-such protected files (its own program folder/anywhere in Program Files/the Windows folder/...) / low-level disk access / to run at startup / etcetc [allow] [deny]".

Actually, I'd specifically forbid "all permissions" as an option; an enumeration of every permission a program wants would make the user more likely to notice unreasonable requests than a single item would, even if that single item's actually "everything". I get the impression, from seeing ordinary users dealing with UAC, that they don't usually appreciate quite how much power they're giving programs when they hit "allow".

I believe that's similar to what SELinux does, although I've never used it beyond observing its presence on university-owned computers.