Subj : Re: NetBSD 10
To   : Gamgee
From : Arelor
Date : Wed Apr 03 2024 17:55:29

  Re: Re: NetBSD 10
  By: Gamgee to Arelor on Wed Apr 03 2024 07:49 am

 > As I said in a previous reply, we may be talking about different
 > use-cases of whatever *nix ...  My case is a simple home LAN scenario,
 > not commercial or large-scale.  I solve privelege/access issues like
 > *nix always has - with user/group settings.  And even that is pretty
 > limited, as I'm basically the only user on my systems.  Wife is a
 > confirmed Win-droid.  :-)

The thing is the traditional *nix user/group settings (which I actually like) are designed to define what an user can and cannot do, in an environment where multiple *nix users share the same machine. They were created under the assumption that every process an user launches is an agent of the will of the user, and therefore should have the same access levels as the user.

In a scenario in which 20 users are timesharing and your main interest is preventing a rogue user from messing up with the rest of the users, that model is fucking great.

The issue is that, as an user, you often don't want your processes to access everything you can access yourself. I can't think of a legit reason for a calculator app to access your SSH and GnuPG keys, for example. Given that modern users run a whole lot of untrusted code, much more than in the old timesharing days, it makes sense to ensure it does not interfere with anything else the user is doing.

I think this sort of privilege segmentation is one of those things Android got actually right and Linux is struggling with. It is not that users "need" it, but it makes for great system hygiene and actually makes it hard for some Chinesse hacker to read your emails because you opened a poisoned *.jpg.
--
gopher://gopher.richardfalken.com/1/richardfalken
--- SBBSecho 3.20-Linux
 * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (21:2/138)

.