If only more Linux programs followed sandboxing best practices... - eviltoast
  • IverCoder@lemm.eeOP
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    edit-2
    1 year ago

    An app should not be able to access stuff the user did not consent to letting access.

      • IverCoder@lemm.eeOP
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        The file picker API is there to allow apps to access and save files with the user’s consent, while bot having any filesystem access. So a properly sandboxed app would be able to open, edit, and save files wherever the user wants, while not having access to any other irrelevant files, such as your .bashrc or memes folder.

      • SuperIce@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        ·
        1 year ago

        Even if I trust the app, it may have security bugs. Still better to have it sandboxed.

      • IverCoder@lemm.eeOP
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        Well, no matter how I trust my photo editing app, it has no business accessing my thesis documents. Proper filesystem sandboxing does security properly.