feld (feld@bikeshed.party)'s status on Sunday, 24-Mar-2024 05:39:05 JST
@yuki2501 @ryan_harg @fasnix If you want to have nice things like the macOS popup that prompts an app for access to your Downloads, Documents, etc., you really need to throw out your expectations of how the traditional Unix model of permissions/access controls works, and this gets really weird and complicated.
feld (feld@bikeshed.party)'s status on Sunday, 24-Mar-2024 05:39:01 JST
@jasper @ryan_harg @fasnix @yuki2501
> Not sure if a virtual filesystem can reply with "just hold on", while asking the user if it is ok. (think not?)
It's just a syscall. It could block and wait before responding. Ever had NFS hang on a request like a simple ls before? Same concept, except it's not due to a failure scenario lol
Jasper 🍉 (jasper@mastodon.nl)'s status on Sunday, 24-Mar-2024 05:39:02 JST
@feld Programs want the regular $HOME rather arbitrarily. Not sure if a virtual filesystem can reply with "just hold on", while asking the user if it is ok. (think not?)
It might be good if file-selection browsers were an intermediary; if that intermediary is trusted, you can know the user asked to access that file. Avoiding the whole prompt thing...
Also, like, X and (slightly less so?) Wayland might allow too much too. @ryan_harg @fasnix @yuki2501
Jasper 🍉 (jasper@mastodon.nl)'s status on Sunday, 24-Mar-2024 05:39:04 JST
@feld There should be a standard saying how programs specify what they're limited to.
Also note, people do it uncleanly with firejail or bubblewrap now. For instance, ~/iso/$ROLE becomes the $HOME directory for some of my programs. But, like, I do that to programs; dunno if doing it to the window manager is practical... @ryan_harg @fasnix @yuki2501
feld (feld@bikeshed.party)'s status on Sunday, 24-Mar-2024 05:39:05 JST
@yuki2501 @ryan_harg @fasnix In the FreeBSD world I guess you might be able to make a kernel module using the MAC framework to intercept these requests and then hook in to call something like how pinentry for gpg can open a dialog in a graphical interface or in the shell for approving or denying access, and the application would be blocked until you respond. It would then have to retain a database of applications you've granted access to, but how do you determine which applications should be forced through this? You obviously can't do it for everything.
Maybe utilities/programs that should always have access are allowed because of some extended filesystem attribute? (Here we go getting weird again; not every fs with an executable is going to support extended attributes in Linux/BSD land.) And who decides that anyway?
I have no idea how you'd do this cleanly in Linux. I guess you'd have to provide implementations for both SELinux and AppArmor, as they'd be hooked in the appropriate places? Gross
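The two ideas feld sketches in this thread (a request that simply blocks until the user answers, and a hook that keeps a database of per-application grants so you are not re-prompted) can be modelled in userspace without any kernel work. The block below is an added illustration, not code from the thread or from any FreeBSD MAC module, FUSE layer or LSM: the interception point is left out, and only the decision logic such a hook would call into is shown, with a scripted callback standing in for the pinentry-style dialog. The protected directory names, the application names, the JSON grant store and the `$HOME` under a temp directory are all constructed for the example.

```python
"""Toy model of a blocking per-directory access gate with a persisted grant store.

Added illustration, not code from the thread: the real interception point (a
FreeBSD MAC module, a FUSE layer, an LSM hook) is not implemented here; only
the decision logic such a hook would call into is shown. Names, paths and the
grant-store format are all constructed for this example.
"""
import json
import os
import tempfile
import threading
from pathlib import Path
from typing import Callable, Dict, List, Optional, Tuple

# Directories that need an explicit grant, in the spirit of the macOS
# Downloads/Documents prompt. Anything else is allowed without asking.
PROTECTED = ("Downloads", "Documents", "Desktop")

# Callback signature for the approval dialog: (app, directory, mode) -> allow?
Prompt = Callable[[str, str, str], bool]


class AccessGate:
    def __init__(self, home: Path, db_path: Path, prompt: Prompt) -> None:
        self.home = Path(os.path.normpath(home))
        self.db_path = db_path
        self.prompt = prompt
        # One prompt at a time; other callers queue here, like blocked syscalls.
        self.lock = threading.Lock()
        self.grants: Dict[str, bool] = {}
        if db_path.exists():
            self.grants = json.loads(db_path.read_text())

    def _protected_dir(self, path: Path) -> Optional[str]:
        """Name of the protected top-level directory `path` lives in, if any.

        normpath folds '..' components; a real hook would work on the
        kernel-resolved path, so symlinks are not this layer's problem."""
        try:
            rel = Path(os.path.normpath(path)).relative_to(self.home)
        except ValueError:
            return None  # outside $HOME entirely
        if rel.parts and rel.parts[0] in PROTECTED:
            return rel.parts[0]
        return None

    def check(self, app: str, path: Path, mode: str) -> bool:
        """Decide whether `app` may open `path` with `mode` ('r' or 'w').

        Unprotected and already-decided cases return at once; otherwise the
        caller blocks until the prompt answers, and the answer is persisted."""
        directory = self._protected_dir(path)
        if directory is None:
            return True
        key = f"{app}|{directory}|{mode}"
        with self.lock:
            if key not in self.grants:
                # The "just hold on" moment: the caller waits on the dialog.
                self.grants[key] = bool(self.prompt(app, directory, mode))
                self.db_path.write_text(json.dumps(self.grants, indent=2))
            return self.grants[key]

    def revoke(self, app: str) -> int:
        """Forget every decision recorded for `app`; returns how many."""
        with self.lock:
            doomed = [k for k in self.grants if k.split("|", 1)[0] == app]
            for k in doomed:
                del self.grants[k]
            self.db_path.write_text(json.dumps(self.grants, indent=2))
        return len(doomed)


def demo() -> Dict[str, object]:
    """Run a scripted session and return the observable results."""
    tmp = Path(tempfile.mkdtemp(prefix="gate-demo-"))
    home = tmp / "home" / "alice"  # constructed; never created on disk
    db = tmp / "grants.json"
    asked: List[Tuple[str, str, str]] = []
    # Scripted answers standing in for a human at the dialog.
    answers = {("firefox", "Downloads", "w"): True,
               ("randomtool", "Documents", "r"): False}

    def scripted_prompt(app: str, directory: str, mode: str) -> bool:
        asked.append((app, directory, mode))
        return answers.get((app, directory, mode), False)

    gate = AccessGate(home, db, scripted_prompt)
    out: Dict[str, object] = {}
    out["firefox_first"] = gate.check("firefox", home / "Downloads" / "a.iso", "w")
    out["firefox_again"] = gate.check("firefox", home / "Downloads" / "b.iso", "w")
    out["randomtool_docs"] = gate.check("randomtool", home / "Documents" / "t.pdf", "r")
    out["plain_home_file"] = gate.check("randomtool", home / "notes.txt", "r")
    out["outside_home"] = gate.check("randomtool", Path("/etc/hosts"), "r")
    out["prompts_so_far"] = len(asked)  # one prompt per (app, dir, mode)

    # A fresh gate on the same database must reuse the stored decisions.
    gate2 = AccessGate(home, db, scripted_prompt)
    out["persisted"] = gate2.check("firefox", home / "Downloads" / "c.iso", "w")
    out["prompts_after_reload"] = len(asked)
    out["revoked"] = gate2.revoke("firefox")
    out["after_revoke"] = gate2.check("firefox", home / "Downloads" / "c.iso", "w")
    out["prompts_after_revoke"] = len(asked)
    return out


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The grant is keyed on (application, top-level directory, mode) rather than on the individual file, which is what keeps the prompt count tolerable; the open question feld raises, which applications are forced through the gate at all, is deliberately not answered here, since every caller of `check` is treated the same.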