Comment by dcow

3 days ago

Even though it’s completely normal to us and in widespread use, GP is a reminder that conceptually it’s a broken model. Security should be capability-based not user-based. And to anyone who didn’t grow up on a desktop this model makes complete sense since it’s what your phone uses.

Android uses one uid per app.

  • Yes, it was a step in the right direction at the time. But there are plenty of well-documented warts with the approach which Fuchsia aimed to solve via capabilities (and which the Linux community general solved via crun).