I thought I’ll make this thread for all of you out there who have questions but are afraid to ask them. This is your chance!

I’ll try my best to answer any questions here, but I hope others in the community will contribute too!

  • starman@programming.dev
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    7 months ago

    On Android, when an app needs something like camera or location or whatever, you have to give it permission. Why isn’t there something like this on Linux desktop? Or at least not by default when you install something through package manager.

    • Laura@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      7 months ago

      Android apps are sandboxed by default while packages on Linux run with the users permission.

      There is already something like this with Flatpak since it also sandboxes every installed program and only grants requested permissions.

    • Eugenia@lemmy.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      7 months ago

      Because it requires a very specific framework to be built from the ground up, and FDO doesn’t specify these. A lot of breakage would happen if were to shoehorn such changes into Linux suddenly. Android has many layers of security that they’re fundamentally different than that of the unix philosophy. That’s why Android, even if it’s based on Linux, it’s not really considered “a distro”.

    • baseless_discourse@mander.xyz
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      7 months ago

      It is technically doable, but that would require a unified method to call when an app needs camera, and that method will give show the prompt.

      This would technically require developers to rewrite their apps on linux, which is not happening anytime soon.

      Fortunately, pipwire is currently doing this work, like when you screen share on zoom using pipwire, a system prompt will pop up asking you for what app to share. Unlike on Windows, zoom cannot see your active windows when using this method, only the one that you choose to share.

      There is a lot of work in improving security and usablity of linux sandbox, and it is already much better than Windows (maybe also better than macos?). I am confident, in 5 years, linux sandbox stack (flatpak, protal, pipewire) will be as secure and usable as on android and ios.