Comment by ImPostingOnHN

3 days ago

> That covers probably literally a majority of all software on your computer

If you're running GNU/Linux, chances are you'll have hundreds, if not thousands, of pieces of software that run totally unsandboxed.

Yes, a very small minority of applications are unfortunately primarily distributed via flatpak or snap, and the distributors don't care about the user experience, so it's error-ridden and problem-ridden, but chances are you can get a "normal computer program" version of it unencumbered by such grossness.

4 comments

ImPostingOnHN

Reply
Groxx  3 days ago

And tons won't be part of e.g. root, or dialout (to pick one I've had to deal with a lot lately), or many other more-privileged-than-default groups, yes. That's a permissions system working as intended.

Besides. They said "all software on your machine". That is trivially false, to a significant degree.

  • ImPostingOnHN  2 days ago

    I was pointing out that the claim that "literally a majority of all software on your computer" runs sandboxed is also trivially false, to a significant degree

    • Groxx  2 days ago

      A majority have more access controls than obsidian plugins, yes. I think that's fairly safe to say, given that new system installs often have hundreds of processes already running.

      Sandboxing, at least in the sense of easily configurable access with default deny on most even somewhat sensitive things: agreed, sandboxing is fairly uncommon in general, definitely not a majority on most systems. When ignoring the elephant in the room: mobile OSes.

      1 reply →