robenkleene 2 days ago

I comment on the Mac App Store part here https://news.ycombinator.com/item?id=44952088

> But once an app has free rein to read and write anywhere on a shared folder, it defeats the purpose as opposed to being able to read and write to the app's own folder and the user can choose a file from another folder explicitly.

Not sure I'm following this statement: isn't just being able to read/write to a shared folder a large improvement over an app being able to write to the entire file system (user-permissions allowing, granted)? I.e., "it defeats the purpose" seems like an odd phrase to use there? (For the record, I wish all this sandboxing/entitlement-based security stuff didn't exist on desktop computers [my priorities are clearer from my linked-to comment], so I'm probably the wrong person to ask anyway, but I was missing what you meant there.)

JustExAWS 2 days ago | parent [-]

The only parts of my computer I care about are my own files and of course things like passwords in the Secure Enclave. If the operating system gets hosed (see the former Chrome bug where if you turned System Integrity Protection off and installed Chrome it hosed your entire OS), that’s an annoyance. But recoverable.

It’s actually the concept of an old XKCD

https://xkcd.com/1200/

robenkleene 2 days ago | parent [-]

It sounds like you're treating "a shared folder" as a synonym for "all user files"? Those aren't the same thing? E.g., a shared folder can be a far smaller subset of all a user's files?

(Also, Apple's sandboxing supports access to a single file, reference https://developer.apple.com/documentation/security/accessing... so not sure if any of this is important anyway.)