On Fri, Jul 14, 2017 at 02:56:34PM -0700, Andrew Lutomirski wrote: > This is only a problem because Flatpak is currently following the IMO > rather busted old Android model. With very few, if any, exceptions, I > think a much better model would be for an application to start with > basically no permissions and to have to ask for fine-grained > permissions as needed. Think iOS but tighter. By default, an app > shouldn't be able to use the network, see what other applications are > installed, or get your unique advertising ID without explicit consent, > let alone access your dotfiles.
I don't agree. With this model, every time you try to do something, you're bombarded with questions asking if you want to do the thing you tried to do. It gets very easy to fall into a default of clicking a bunch of yesses all the time. That serves no *real* security benefit and yet adds to user annoyance. There's gotta be a better way than that. -- Matthew Miller <mat...@fedoraproject.org> Fedora Project Leader _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org
