chatmasta 5 days ago
macOS at least has some basic sandboxing by default. You can circumvent it, of course – and many of the same people complaining about porous security models would complain even more loudly if they could not circumvent it, because “we want to execute code on our own machine” (the tension between freedom and security). By default, folders like ~/Documents are not accessible by any process until you explicitly grant access. So as long as you run your code in some other folder you’ll at least be notified when it’s trying to access ~/Documents or ~/Library or any other destination with sensitive content. It’s obviously not a panacea but it’s better than nothing and notably better than the default Linux posture.
quotemstr 5 days ago | parent
> By default, folders like ~/Documents are not accessible by any process until you explicitly grant access

And in a terminal, the principal to which you grant access to a directory is your terminal emulator, not the program you're trying to run. That's bonkers and encourages people to just click "yes" without thinking. And once you've authorized your terminal to access Documents once, everything you run in it gets that access. The desktop security picture is improving, slowly and haltingly, for end-user apps, but we haven't even begun to attempt to properly sandbox development workflows.
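The point both comments turn on is that the grant is attached to the terminal process, so anything launched from that shell inherits it. An easy way to see what a given shell session has already inherited is to probe the protected folders from inside it. The script below is an added example, not code from either commenter: on macOS a TCC denial surfaces as `ls: ...: Operation not permitted`, which the probe classifies as `denied`; on any other POSIX system the same probe simply reports whether the folder is readable, unreadable for ordinary permission reasons, or missing. The list of folders and the `tcc_probe`/`count_readable` helper names are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): audit which user folders the current
# shell session can already read. On macOS, a folder guarded by a
# "Files and Folders" grant answers ls with "Operation not permitted" until
# the terminal emulator has been approved; after approval every child
# process of that terminal reads it silently.

# tcc_probe DIR -> prints one of: readable, denied, unreadable, missing
# exit status:    0 readable, 1 denied, 2 unreadable, 3 missing
tcc_probe() {
    dir=$1
    if [ ! -e "$dir" ]; then
        echo "missing"
        return 3
    fi
    # Capture only stderr; stdout (the listing) is discarded.
    err=$(ls "$dir" 2>&1 >/dev/null)
    status=$?
    if [ "$status" -eq 0 ]; then
        echo "readable"
        return 0
    fi
    case $err in
        *"Operation not permitted"*) echo "denied";     return 1 ;;
        *)                           echo "unreadable"; return 2 ;;
    esac
}

# count_readable DIR... -> prints how many of the given folders are readable
count_readable() {
    n=0
    for d in "$@"; do
        if tcc_probe "$d" >/dev/null; then
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Folders macOS places behind a per-app prompt (constructed list for this
# example; other systems will usually report them as missing or readable).
audit_session() {
    for d in "$HOME/Documents" "$HOME/Desktop" "$HOME/Downloads"; do
        printf '%-10s %s\n' "$(tcc_probe "$d")" "$d"
    done
    echo "readable by this session: $(count_readable "$HOME/Documents" "$HOME/Desktop" "$HOME/Downloads") of 3"
}

audit_session

# To take the grant back from the terminal application on macOS (not run here):
#   tccutil reset All com.apple.Terminal
```

If the audit reports `readable` for ~/Documents inside a shell where you never consciously approved the tool you are about to run, that is the inherited grant the second comment describes; resetting the terminal's TCC entry with `tccutil` makes the next access prompt again. On macOS the probe itself can trigger the prompt the first time, which is exactly the behaviour the first comment relies on.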