← Back to context

Comment by oblio

1 day ago

> when literally the only files that matter to me are in /home, which is a free-for-all?

> The home folder's read write is usually restricted to the user.

Yeah, and that is the point. All user's programs including curl, wget, the web browser, anything else that connects to the network run as the user, and all the user's programs, by default, have access to everything inside ${HOME}.

Most people don't really care if /bin gets obliterated, but they do care dearly when /home/joe/photos/annies-2nd-birthday gets wiped.

9 comments

oblio

Reply
skydhash  1 day ago

Protecting a user from himself is hard. Protecting user from others is easy. Linux is influenced by unix and a lot of installations are servers. Where most programs run under their own accounts.

You can always have two user accounts: oblio and unsafe-oblio anf have a shared folder between the two for transferring files. Or invest into some backup software.

TZubiri  1 day ago

Just make another user bro. If you can't even create a user to run a program you distrust, the issue is not that windows doesn't provide sandboxes, it's that you don't use them

And no, it's not "a lot of work" it's the bare minimum

  • oblio  1 day ago

    Yet 99% of the planet doesn't do "the bare minimum", bro.

    We have supposedly all the smartest minds in the world working in tech and they haven't been able to create a simple, cheap, reliable cross platform solution for user data protection, backup and restore.

    It's easier to blame users instead.

    • bigstrat2003  14 hours ago

      > It's easier to blame users instead.

      Yes, because the users are in fact the problem. The options are either to trust the user to make decisions (and technically illiterate users will screw things up for themselves), or lock down the system so that the user isn't allowed to do anything the corporate overlord doesn't let them. There is no middle ground.

      1 reply →

    • Zenul_Abidin  21 hours ago

      I rolled out a home-made backup script in Powershell - just a wrapper around wbadmin that backs up an entire system image and the a standard "Backup and Restore" backup on an external disk once I plugged it in.

      I even signed it and everything.