undefined | Better HN

0 pointscurt151mo ago0 comments

>And today this is.. not sufficient. What we require today is to run software protected from each other. For quite some time I tried to use Unix permissions for this (one user per application I run), but it's totally unworkable. You need a capabilities model, not an user permission model

Unix permissions remain a fundamental building block of Android's sandbox. Each app runs as its own unix user.

0 comments

surajrmal1mo ago

Android sandboxing works in spite of the underlying security model, not because of it. It's also really selinux that does a lot of heavy lifting.

goodthenandnow1mo ago

Subthread from a while ago where I wrote some details on how Android sandboxing architecture uses Linux’s primitives: https://news.ycombinator.com/item?id=40676309

nextaccountic1mo ago

I really want a desktop distro that is based on Android but can run normal desktop apps, fully isolated by default

Can Binder run on desktop, with some non-mainline kernel? Is someone maintaining such kernel with up to date patches?

j / k navigate · click thread line to collapse