Ask HN: What is the desktop security model?
3 by fitzn | 0 comments on Hacker News.
For some reason I have been thinking a lot about the "desktop security model" lately in comparison to the browser security model. What stops Spotify, or Chrome, or any other desktop app that I install from reading my .ssh directory? I assume nothing, by default, since it's under the same user. Is there a long history or book about this subject that I don't know of? Is there a way to restrict disk access of an application by directory? Obviously, I understand how things have evolved from the early days of assuming installed software was benign. I'm not complaining, or shaming, or whatever, that developers didn't think of the threat model for desktop apps back then as we might if the concept of desktop apps came out today. I am mostly just wondering if this problem has already been discussed and if there is a canonical approach to it. To give you a sense of why I think this is interesting, compare Google search results for "desktop app security model" to "browser security model". The latter is formally (or "officially") defined.