by Gigachad 28 days ago
These kinds of permissions lists have been mostly a failure in history. Users see a massive list of permissions, or permissions constantly changing between updates and just ignore them because there’s no way to reasonably audit them or take any action on them.

Securing VS Code would require making malware that has access to the system impossible, not just making it add a permission to the permission list.

1 comments

Ideally, the permission list is meant for curators which end-users trust and can rely on.

Also, historically, permission lists have been fine-grained but too coarse at the same time, meaning they were "fine" in the wrong way, based on what is easy to implement instead of what the user needs.

Most of the recent compromises have been from trusted people who had their accounts compromised. So just picking someone you trust doesn’t work out.