vlovich123 4 hours ago

The OS should be mediating such access where it explicitly asks your permission for an app to access data belonging to another publisher.

tekacs 4 hours ago

I could certainly see the value in this in principle but sadly the labyrinthine mess that is the Apple permission system (in which they learned none of the lessons of early UAC) illustrates the kind of result that seems to arise from this.

A great microcosm illustration of this is automation permission on macOS right now: there's a separate allow dialog for every single app. If you try to use a general purpose automation app it needs to request permission for every single app on your computer individually the first time you use it. Having experienced that in practice it... absolutely sucks.

At this point it makes me feel like we need something like an async audit API. Maybe the OS just tracks and logs all of your apps' activity and then:

1) You can view it of course.

2) The OS monitors for deviations from expected patterns for that app globally (kinda like Microsoft's SmartScreen?)

3) Your own apps can get permission to read this audit log if you want to analyze it your own way and/or be more secure. If you're more paranoid maybe you could use a variant that kills an app in a hurry if it's misbehaving.

Sadly you can't even implement this as a third party thing on macOS at this point because the security model prohibits you from monitoring other apps. You can't even do it with the user's permission because tracing apps requires you to turn SIP off.

FridgeSeal 3 hours ago

> Maybe the OS just tracks and logs all of your apps' activity

The problem here is that, like so many social-media apps, the first thing the app will do is scrape as much as it possibly can from the device, lest it lose access later, at which point auditing it and restricting its permissions is already too late.

Give an inch, and they’ll take a mile. Better to make them justify every millimetre instead.

whstl 3 hours ago

This just sounds like another security nightmare.

We're not in 1980 anymore. Most people need zero, and even power users need at most one or two apps that need that full access to the disk.

In macOS, for example, the sandbox and the file dialog already allow opening any file, bundle or folder on the disk. I haven't really come across any app that does better browsing than this dialog, but if there's any, it should be a special case. Funny enough, WhatsApp on iOS is an app that reimplements the photo browser, as a dark pattern to force users to either give full permission to photos or suffer.

The only time where the OS file dialog becomes limited is when a file is actually "multiple files". Which is 1) solvable by bundles or folders and 2) a symptom of developers not giving a shit about usability.

bhhaskin 4 hours ago

This sounds great on paper, but what happens when the OS isn't working for the user like Windows?

hamandcheese 4 hours ago

Switch OS.

iwontberude 4 hours ago

Windows is dead

pixl97 4 hours ago

I mean this was an app for accessing WhatsApp data, you would approve it and go on... the problem is with it sending data off to a 3rd party.

bhhaskin 3 hours ago

I think you misunderstood. If the OS becomes the arbiter of what can and cannot be accessed, it's a slippery slope to the OS becoming a walled garden that only approved apps and developers are allowed to operate. Of course that is a pretty large generalization, but we already see it with mobile devices and are starting to see it with Windows and Mac OS.

I don't think we should be handing more power to OS makers and away from users. There has to be a middle ground between walled gardens and open systems. It would be much better for node & npm to come up with a solution than locking down access.

whstl 3 hours ago

The arbiter of what can be accessed should be the user, and always the user. The OS should be merely the enforcer.

Currently OSs are a free-for-all, where the user must blindly trust third-party apps, or they enforce it clumsily like in macOS.

This was fine in 1980 but isn't anymore.

Gigachad 3 hours ago

macOS does this. It has a popup to grant access to folders like documents.