I am running a lot of tools inside sandbox now for exactly this reason. The damage is confined to the directory I'm running that tool in.

There is no reason for a tool to implicitly access my mounted cloud drive directory and browser cookies data.

▲

troad 3 hours ago | parent | next [-]

MacOS has been getting a lot of flak recently for (correct) UI reasons, but I honestly feel like they're the closest to the money with granular app permissions.

Linux people are very resistant to this, but the future is going to be sandboxed iOS style apps. Not because OS vendors want to control what apps do, but because users do. If the FOSS community continues to ignore proper security sandboxing and distribution of end user applications, then it will just end up entirely centralised in one of the big tech companies, as it already is on iOS and macOS by Apple.

▲

hibikir 26 minutes ago | parent | next [-]

Yet we look at phones, and we see people accepting outrageous permissions for many apps: They might rely on snooping into you for ads, or anything else, and yet the apps sell, and have no problem staying in stores.

So when it's all said and done, I do not expect practical levels of actual isolation to be that great.

	▲	troad 5 minutes ago \| parent [-]
		> Yet we look at phones, and we see people accepting outrageous permissions for many apps The data doesn't support the suggestion that this is happening on any mass scale. When Apple made app tracking opt-in rather than opt-out in iOS 14 ("App Tracking Transparency"), 80-90% of users refused to give consent. It does happen more when users are tricked (dare I say unlawfully defrauded?) into accepting, such as when installing Windows, when launching Edge for the first time, etc. This is why externally-imposed sandboxing is a superior model to Facebook's pinky promises.

▲

black_knight 2 hours ago | parent | prev | next [-]

I think we could get a lot further if we implement proper capability based security. Meaning that the authority to perform actions follows the objects around. I think that is how we get powerful tools and freedom, but still address the security issues and actually achieve the principle of least privilege.

For FreeBSD there is capsicum, but it seems a bit inflexible to me. Would love to see more experiments on Linux and the BSDs for this.

▲

Findecanor 15 minutes ago | parent | next [-]

Redox is also moving towards having capabilities mapped to fd's, somewhat like Capsicum. Their recent presentation at FOSDEM: https://fosdem.org/2026/schedule/event/KSK9RB-capability-bas...

▲

Noumenon72 24 minutes ago | parent | prev | next [-]

Seems like a bad time to bring this up when it wouldn't have helped with this attack at all.

▲

h4x0rr 2 hours ago | parent | prev [-]

Eli5, what is that supposed to mean?

	▲	kibwen an hour ago \| parent \| next [-]
		The original model of computer security is "anything running on the machine can do and touch anything it wants to". A slightly more advanced model, which is the default for OSes today, is to have a notion of a "user", and then you grant certain permissions to a user. For example, for something like Unix, you have the read/write/execute permissions on files that differ for each user. The security mentioned above just involves defining more such permissions than were historically provided by Unix. But the holy grail of security models is called "capability-based security", which is above and beyond what any current popular OS provides. Rather than the current model which just involves talking about what a process can do (the verbs of the system), a capability involves taking about what a process can do an operation on (the nouns of the system). A "capability" is an unforgeable cryptographic token, managed by the OS itself (sort of like how a typical OS tracks file handles), which grants access to a certain object. Crucially, this then allows processes to delegate tasks to other processes in a secure way. Because tokens are cryptographically unforgeable, the only way that a process could have possibly gotten the permission to operate on a resource is if it were delegated that permission by some other process. And when delegating, processes can further lock down a capability, e.g. by turning it from read/write to read-only, or they can e.g. completely give up a capability and pass ownership to the other process, etc. https://en.wikipedia.org/wiki/Capability-based_security
	▲	an hour ago \| parent \| prev [-]
		[deleted]

▲

ashishb 2 hours ago | parent | prev | next [-]

It also has persistent permissions.

Think about it from a real world perspective.

I knock on your door. You invite me to sit with you in your living room. I can't easily sneak into your bed room. Further, your temporary access ends as soon as you exit my house.

The same should happen with apps.

When I run 'notepad dir1/file1.txt', the package should not sneakily be able to access dir2. Further, as soon as I exit the process, the permission to access dir1 should end as well.

▲

lifeisgood99 2 hours ago | parent | next [-]

A better example would be requiring the mailman to obtain written permission to step on your property every day. Convenience trumps maximal security for most people.

	▲	ashishb an hour ago \| parent [-]
		I would configure mailman with permanent write access to the mailbox area That's what I with my sandbox right now

▲

2 hours ago | parent | prev [-]

[deleted]

▲

symaxian 3 hours ago | parent | prev | next [-]

Sand-boxing such as in Snap and Flatpak?

▲

troad 3 hours ago | parent | next [-]

Notoriously not actually secure, at least in the case of Flatpak. (Can't speak to Snap)

Not sure how something can be called a sandbox without the actual box part. As Siri is to AI, Flatpak is to sandboxes.

▲

FergusArgyll 2 hours ago | parent | next [-]

Doesn't it use bwrap under the hood? what's wrong with that?

	▲	okanat an hour ago \| parent [-]
		Many apps require unnecessarily broad permissions with Flatpak. Unlike Android and iOS apps they weren't designed for environments with limited permissions.

▲

jacobgkau 3 hours ago | parent | prev [-]

The XDG portal standards being developed to provide permissions to apps (and allow users to manage them), including those installed via Flatpak, will continue to be useful if and when the sandboxing security of Flatpaks are improved. (In fact, having the frontend management part in place is kind of a prerequisite to really enforcing a lot of restrictions on apps, lest they just stop working suddenly.)

▲

nextos 3 hours ago | parent | prev [-]

Snap and Flatpak do both sandboxing and package management.

You can use the underlying sandboxing with bwrap. A good alternative is firejail. They are quite easy to use.

I prefer to centralize package management to my distro, but I value their sandboxing efforts.

Personally, I think it's time to take sandboxing seriously. Supply chain attacks keep happening. Defense is depth is the way.

▲

jacobgkau 3 hours ago | parent | prev | next [-]

> getting a lot of slack recently

I think you mean a lot of flak? Slack would kind of be the opposite.

	▲	troad 3 hours ago \| parent [-]
		Haha, yes, corrected. Thank you. I have a habit of fusing unrelated expressions.

▲

its_magic 3 hours ago | parent | prev [-]

I'm sure that will contribute to the illusion of security, but in reality the system is thoroughly backdoored on every level from the CPU on up, and everyone knows it.

There is no such thing as computer security, in general, at this point in history.

▲

ashishb 3 hours ago | parent | next [-]

> but in reality the system is thoroughly backdoored on every level from the CPU on up, and everyone knows it.

Indeed. Why lock your car door as anyone can unlock and steal it by learning lock-picking?

	▲	its_magic 2 hours ago \| parent [-]
		Residents of San Francisco ask themselves that question all the time.

▲

rectang 3 hours ago | parent | prev [-]

There's a subtlety that's missing here: if your threat model doesn't include the actors who can access those backdoors, then computer security isn't so bad these days.

That subtlety is important because it explains how the backdoors have snuck in — most people feel safe because they are not targeted, so there's no hue and cry.

▲

autoexec 2 hours ago | parent [-]

The backdoors snuck in because literally everyone is being targeted. Few people ever see the impact of that themselves or understand the chain of events that brought those impacts about.

	▲	rectang 23 minutes ago \| parent [-]
		And yet, many people perceive a difference between “getting hacked” and “not getting hacked” and believe that certain precautions materially affect whether or not they end up having to deal with a hacking event. Are they wrong? Do gradations of vulnerability exist? Is there only one threat model, “you’re already screwed and nothing matters”?

▲

taftster 3 hours ago | parent | prev [-]

I almost feel like this should just be the default action for all applications. I don't need them to escape out of a defined root. It's almost like your documents and application are effectively locked together. You have to give permissions for an app to extra data from outside of the sandbox.

Linux has this capability, of course. And it seems like MacOS prompts me a lot for "such and such application wants to access this or that". But I think it could be a lot more fine-grained, personally.

▲

josephg 3 hours ago | parent [-]

I've been arguing for this for years. There's no reason every random binary should have unfettered, invisible access to everything on my computer as if it were me.

iOS and Android both implement these security policies correctly. Why can't desktop operating systems?

▲

giobox 2 hours ago | parent | next [-]

The short answer is tech debt. The major mobile OSes got to build a new third party software platform from day 0 in the late 2000s, one which focused on and enforced priorities around power consumption and application sandboxing from the getgo etc.

The most popular desktop OSes have decades of pre-existing software and APIs to support and, like a lot of old software, the debt of choices made a long time ago that are now hard/expensive to put right.

The major desktop OSes are to some degree moving in this direction now (note the ever increasing presence of security prompts when opening "things" on macOS etc etc), but absent a clean sheet approach abandoning all previous third party software like the mobile OSes got, this arguably can't happen easily over night.

▲

marky1991 3 hours ago | parent | prev | next [-]

Mobile platforms are entirely useless to me for exactly this reason, individual islands that don't interact to make anything more generally useful. I would never use any os that worked like that, it's for toys and disposable software only imo.

▲

josephg 2 hours ago | parent | next [-]

Mobile platforms are far more secure than desktop computing software. I'd rather do internet banking on my phone than on my computer. You should too.

We can make operating systems where the islands can interact. Its just needs to be opt in instead of opt out. A bad Notepad++ update shouldn't be able to invisibly read all of thunderbird's stored emails, or add backdoors to projects I'm working on or cryptolocker my documents. At least not without my say so.

I get that permission prompts are annoying. There are some ways to do the UI aspect in a better way - like have the open file dialogue box automatically pass along permissions to the opened file. But these are the minority of cases. Most programs only need to access to their own stuff. Having an OS confirmation for the few applications that need to escape their island would be a much better default. Still allow all the software we use today, but block a great many of these attacks.

	▲	jofla_net an hour ago \| parent [-]
		Both are true, and both should be allowed to exist as they serve different purposes. Sound engineers don't use lossy formats such as MP3 when making edits in preproduction work, as its intended for end users and would degrade quality cumulatively. In the same way someone working on software shouldn't be required to use an end-user consumption system when they are at work. It would be unfortunate to see the nuance missed just because a system isn't 'new', it doesn't mean the system needs to be scrapped.

▲

okanat an hour ago | parent | prev [-]

There is a middle ground (maybe even closer to more limited OS design principles) exist. It is not just toys. Otherwise neither UWP on Windows nor Flatpaks or Firejail would exist nor systemd would implement containerization features.

In such a scenario, you can launch your IDE from your application manager and then only give write access to specific folders for a project. The IDE's configuration files can also be stored in isolated directories. You can still access them with your file manager software or your terminal app which are "special" and need to be approved by you once (or for each update) as special. You may think "How do I even share my secrets like Git SSH keys?". Well that's why we need services like the SSH Agent or Freedesktop secret-storage-spec. Windows already has this btw as the secret vaults. They are there since at least Windows 7 maybe even Vista.

▲

IcyWindows 2 hours ago | parent | prev [-]

Windows has had this for over a decade, but no one wants to put their application in a sandbox.

▲

akdev1l 2 hours ago | parent [-]

If a sandbox is optional then it is not really a good sandbox

naturally even flatpak on Linux suffers from this as legacy software simply doesn’t have a concept of permission models and this cannot be bolted on after the fact

	▲	okanat an hour ago \| parent [-]
		The containers are literally the "bolting on". You need to give the illusion of the software is running under a full OS but you can actually mount the system directories as read-only.