undefined | Better HN

0 pointscodethief7mo ago0 comments

From a security point of view that would be a good idea, or at least making sure you don't need root for everyday tasks. Requiring root to, e.g., install & configure applications is a huge antipattern IMO.

0 comments

jampekka7mo ago

Android of course requires root for installing and configuring applications. It just grants the root automatically.

strcat7mo ago

No, it doesn't. Only a few very core system processes run as root and even those are contained quite a bit via SELinux. The application layer of the OS including installing apps does not run as root or with equivalent access.

oneshtein7mo ago

Developers cannot trust a random phone «owner».

fsflover7mo ago

Have a look at https://qubes-os.org to understand why you're mistaken.

codethiefOP7mo ago

I know Qubes. I meant "requiring root to, e.g., install & configure applications is a huge antipattern" on standard Linux distributions, where most people just use sudo in their usual shell, so an attacker merely needs to take over a non-root user account (and their .bashrc) to get root.

1 more reply

j / k navigate · click thread line to collapse