top | item 36178624

(no title)

Perhaps you missed the part about not needing distro-specific packagers by providing a way to run third party apps without having to trust third party packagers. You can deny access to the camera or filesystem or network without ever auditing the source code and trust that the software cannot misbehave in that aspect.

This isn't a knock on the value of package managers or maintainers. It's just an obvious step in better security. It seems silly to argue that integrity among package maintainers is the only safeguard we need. I personally like the little piece of plastic that my laptop has that slides across the built-in camera. It's not a software solution, or even an electronic safeguard. It's even better than the little DIP switch on my phone. I say, why not?

discuss

matheusmoreira|2 years ago

We could have both though. They aren't mutually exclusive. Also important is the option to intercept system calls and return fake data to the software. Give it a silent audio, black video, a limited view of the file system. That lets us control proprietary software that gets pissy when permissions are denied.