As a general principle, application developers should not have free rein to modify my system's configuration, and OS's should do their part to make it very difficult for developers. Installing your binaries into C:\Program Files\AppName or /usr/local/bin? Fine. Dumping crap all over C:\Windows or /usr or /boot or something? No way--the OS should make the developer obtain my consent (not just a blanket sudo-like escalation) to do these things. Sneakily modifying /etc/hosts to act against me? Get the hell outta here!

▲

inetknght 9 minutes ago | parent | next [-]

> Installing your binaries into C:\Program Files\AppName or /usr/local/bin? Fine.

I used to have this opinion too.

Then I decided that I actually don't want random things to install to `/usr/local/bin`. They should install to `${HOME}/.local/bin`. I should be perfectly capable of installing any application without modifying the system for every user.

▲

armadyl 20 minutes ago | parent | prev | next [-]

> As a general principle, application developers should not have free rein to modify my system's configuration, and OS's should do their part to make it very difficult for developers.

Funny enough macOS, iOS, iPadOS and Android do this and they are constantly attacked for it.

I do think there needs to be more strict adherence by developers to standards like XDG but I don’t know how it could be enforced.

	▲	nulld3v 11 minutes ago \| parent \| next [-]
		They are constantly attacked because they prevent users from modifying the system configuration, not just app developers.
	▲	gjsman-1000 10 minutes ago \| parent \| prev [-]
		> I do think there needs to be more strict adherence by developers to standards like XDG but I don’t know how it could be enforced. It can't be enforced. Developers can and will always do whatever they want with the tools available. For good ends (Adobe) or for ill (malware). If you try to fix it with sandboxing and closed app stores (Apple forcing sandboxing and using SIP), you get attacked. If you don't try to fix it and let devs do as they please (Microsoft allowing host file editing), you get attacked. The conclusion of these incompatible goals? HN and nerds have zero relevance in policy discussions, because they don't have a consistent policy to offer [1]. [1] Unless, of course, you define "devs shouldn't be able to do anything bad even if they choose" and "users should be able to anything bad if they choose" and "users should be able to write their own software capable of bad things while simultaneously not being held to the standard of devs" as a compatible principled position.

▲

mikkupikku an hour ago | parent | prev [-]

I thought the days if needing to "sudo" to install applications on windows were long gone; doesn't basically everything happily do user installations now? I would view a demand to escalate as basically proof that the application is about to do something janky, if not outright malicious. On linux, if I can't build and run software with just my user account, that software has some explaining to do. Virtually every desktop application should be able to run without escalated privileges.

	▲	vpShane 38 minutes ago \| parent \| next [-]
		on windows and mac they just get a prompt and a lot of people don't read it, care, nor wonder what it's actually doing they just want it to work. I know you all know this but companies will do this knowing that exploiting all of us. I use Linux and agreed on all those points. when I used adobe before it wanted to charge me a fee to cancel my subscription and wouldn't let me just 'cancel' in their system so I just blocked the payments on my card and dipped out. good software, garbage company
	▲	Ajedi32 an hour ago \| parent \| prev [-]
		"C:/Program Files" is still the recommended place to install programs, and it requires admin privileges to write to. Some programs (ab)use C:\ProgramData for that purpose instead and therefore don't need admin privliges. But even with that hack, ultimately Windows still uses the https://xkcd.com/1200/ permission model. (Everything runs with full access to all your data.)