The MS-DOS Security Model

"[Yes, I know, the user accounts allows also to theoretically share a single desktop computer among more than one physical users (also known as: people), but, come on, these days it's that a single person has many computers, and not the other way around.]"<p>This is a great example of tech people falsely generalizing their experience and habits to those of non-tech people. There are many, many families with one computer that the entire family shares.

I was kind of expecting this to link to a blank page. I was pleasantly surprised to find a very logical and coherent article.

Android is the only mainstream OS I know that does better than this. Are there any others?

"sandbox -X" (writeup at <a href="http://danwalsh.livejournal.com/31146.html" rel="nofollow">http://danwalsh.livejournal.com/31146.html</a> ) does in fact let you isolate various applications.

Wouldn't surprise me if future versions of OS X adopted sandboxed applications à la iOS.

X (which sucks in many ways) does have a security extension (which isolates X clients from each other); a lot of applications don't work with it, but this problem <i>has</i> been considered.<p>Frankly, I was expecting this to be a pro-DAC (SELinux/grsecurity/TrustedBSD) article.

&#62; But, hey, why this little, made by nobody-knows-who, dive application should be given unlimited access to all your personal files, work email, bank account, and god-know-what-else-you-keep-on-your-laptop?<p>This problem is largely getting solved, by web applications. Make little applications in the form of websites, and people can use it safely as long as the web browser does not have a security hole.<p>Running different applications as different users on a desktop machine is too much trouble anyway.

I don't understand. Most things this article pretends are simply wrong : every application has NOT access to every file on a Linux or Mac OS X computer; Several people DO share the same computer using different accounts; obviously the writer's POV is distorted by her strange obsession towards virtualization and a (faked?) complete misunderstanding of the modern OSes security model.<p>I would like to be able to downvote this stupid rant :)

I don't understand her claims about universal access to all files (as in rwx?). Not everyone is a sudoer in linux, for instance.

Chrome is taking some steps to improve this with its sand boxing and principle of least authority for its many processes. It will be interesting to see how this translates to a full operating system when Chrome OS is released. I hope it will push other operating system developers to improve along this axis.

You could try to isolate X applications from each other by having each run in its own nested X server like Xephyr.

&#62; no doubt you will want to have some dive log manager application to store the history of your dives on a computer<p>I'm sure there are some very nice web apps for that out there. I don't install programs I don't intend to run at least weekly anymore, with very few obvious exceptions.

initially I thought "The Invisible Things" was referring to the security model