Ginkko117, 11 months ago

@mcc You're forgetting the wonderful world of Linux distributions. Nowadays, there are a lot of distros user-friendly enough for people who want it to "just work" out of the box. Just as an example - I switched to Pop!_OS almost a year ago and never had any serious issues since then, and also don't have to deal with intrusive adds/permissions/updates and similar nonsense

mcc, 11 months ago

The thing that I really want— every application is running inside of a sandbox I fully control, such that all attempted OS-level changes are accepted from the app's perspective but actually logged and tracked, and then I'm allowed pijul-style to decide which "patchsets" of sandboxes are simultaneously active for any one piece of software— might be kinda hard to implement and implement efficiently. But it seems some third option must be possible

mcc, 11 months ago

Like, "the app developer has complete control and the user is powerless" versus "the OS vendor has complete control and the user and app developers are both powerless" versus the good condition, "the user has complete control and the OS vendor and app developer must do what they say".

(And no, Linux is not that third thing. Windows is the OS where 168989f.msi "wants to make changes to your device" and Linux is the OS where you're being asked to run curl 16989f.sh > sudo sh)

uint8_t, 11 months ago

@mcc but that .sh does sound like something you can download, read, edit, and execute the parts of it that you do like

aeva, 11 months ago

@uint8_t @mcc do you read the source code of everything you linux

uint8_t, 11 months ago

@aeva @mcc of course not, but I do read every 16989f.sh I downloaded from a random chinese vendor

c0dec0dec0de, 11 months ago

@aeva @uint8_t @mcc ugh, no. Not for lack of blundering into it though. Today’s spelunking was into Apache Guacamole and why nobody has upgraded beyond Java 8.

aeva, 11 months ago

@c0dec0dec0de @uint8_t @mcc isn't it wonderful what you find when you look behind the curtain at allegedly trustworthy vetted software

c0dec0dec0de, 11 months ago

@aeva @uint8_t @mcc it’s extraordinary, really

uint8_t, 11 months ago

@c0dec0dec0de @aeva @mcc I forgot which installer .sh did the rm -rf /* as an oopsie

aeva, 11 months ago

@uint8_t @c0dec0dec0de @mcc lol

aeva, 11 months ago

@mcc windows can kinda do this but it's not pretty

inthehands, 11 months ago

@mcc
I’ve wanted this too, and have thought about it. I pondered for a while a layered file system in which the user controls which layers are readable and writable by each app, and was halfway to implementing a nonsense version of Nix-in-the-OS before I decided this was not actually an easy problem.

mcc, 11 months ago

@inthehands Did you know the original Mach, the experimental microkernel that gradually turned into Mac OS X, originally had a feature where userland program 1 could launch userland program 2 in a special way, and then from program 2's perspective program 1 was the kernel. Program 2 would think it's sending syscalls to the kernel but the syscalls are all going to program 1 and program 1 is allowed to freely decide whether to forward them on to the real kernel or just like… lie