this post was submitted on 29 Jan 2025
15 points (94.1% liked)
Programming
18040 readers
62 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities [email protected]
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
FWIW SELinux is a standard Linux feature - mostly used by RedHat distros.
The difference is the approach to how much a system should be locked down. Desktop systems are traditionally more flexible, probably more for historic reasons, partly due to being used by more technically sophisticated users (or at least assuming users would be more sophisticated). Smart phones, however, were marketed towards the lowest-common denominator users running on a device with many limitations as well. I'm not disparaging these users mind - just stating a fact. So things need to be locked down more. And since these platforms had no legacy expectations on them they could do it however they like (e.g. they can dictate which directories are used for what purposes).
The desktop is sorta moving in this direction as well. Flatpaks and snaps run applications in containers which can be restricted and isolated from each other as well as from the rest of the system. It takes time for applications to catch up to being sandboxed though so it is happening slowly.