ryanjshaw 2 days ago
This doesn’t solve the problem either, which is that of the Confused Deputy [1]. An arbitrary piece of code I’m downloading shouldn’t be able to run as Ryan by default with access to everything Ryan has. We need to revitalize research into capabilities-based security on consumer OSs, which AFAIK is the only thing that solves this problem. (Web browsers - literally user “agents” - solve this problem with capabilities too: webapps get explicit access to resources, no ambient authority to files, etc.) Solving this problem will only become more pressing as we have more agents acting on our behalf.
_3u10 2 days ago
I’ve never seen code that is downloaded run itself. Why not be the change you want to see in the world and run sudo or spawn your browser in a jail? Or download as another user.