IverCoder@lemm.ee to Linux@lemmy.mlEnglish · 3 年前If only more Linux programs followed sandboxing best practices...i.imgur.comexternal-linkmessage-square96linkfedilinkarrow-up1563arrow-down133
arrow-up1530arrow-down1external-linkIf only more Linux programs followed sandboxing best practices...i.imgur.comIverCoder@lemm.ee to Linux@lemmy.mlEnglish · 3 年前message-square96linkfedilink
minus-squareSuperIce@lemmy.worldlinkfedilinkEnglisharrow-up11·3 年前Even if I trust the app, it may have security bugs. Still better to have it sandboxed.
minus-squareFedora@lemmy.haigner.melinkfedilinkarrow-up3·3 年前Software supply chain attacks exist, you know?
minus-squareIverCoder@lemm.eeOPlinkfedilinkEnglisharrow-up3·3 年前Well, no matter how I trust my photo editing app, it has no business accessing my thesis documents. Proper filesystem sandboxing does security properly.
minus-squaremdurell@lemmy.worldlinkfedilinkarrow-up1·3 年前I would argue this is only for apps you CAN trust. Bad actors gonna act badly.
deleted by creator
Even if I trust the app, it may have security bugs. Still better to have it sandboxed.
Software supply chain attacks exist, you know?
Well, no matter how I trust my photo editing app, it has no business accessing my thesis documents. Proper filesystem sandboxing does security properly.
I would argue this is only for apps you CAN trust. Bad actors gonna act badly.