
Ask HN: Why does any program I run have access to my browsing history? - cowpig
When I run a program as my own user it can read anything from my hard drive. It can read my browsing history, look in my Documents folder where I keep important personal files, etc.

Contrast this to a web app, which has very strict default security settings implemented by my browser.

Why does this kind of sandboxing seem to be of major concern to my browser, but not my OS? What's the history that led to things being this way? Why is it still the case today?
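
To make the premise of the question concrete, here is an added example (not code from the thread or from any browser project) showing why an ordinary program can read browser history: Unix-style discretionary access control compares the calling process's uid with the file's owner and mode bits, so a browser profile file created with mode 0600 is readable by every process running as that same user, and no per-application decision is ever made. The database is constructed in a temporary directory and mirrors the column layout of Chrome's `urls` table; the timestamp encoding (microseconds since 1601-01-01 UTC) is the one Chrome really uses. Nothing here touches an actual browser profile.

```python
"""Constructed demo: a process running as the same uid reads a Chrome-style
History database. The schema mirrors Chrome's `urls` table; the data is fake."""
import os
import sqlite3
import tempfile
from datetime import datetime, timedelta, timezone

# Chrome stores visit times as microseconds since 1601-01-01 00:00:00 UTC
# (the Windows FILETIME epoch), not as Unix time.
CHROME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

# Constructed sample visit used for the fake rows below.
SAMPLE_VISIT = datetime(2024, 1, 1, tzinfo=timezone.utc)


def to_chrome_time(dt):
    """Encode an aware datetime as Chrome's microsecond counter."""
    return int((dt - CHROME_EPOCH) // timedelta(microseconds=1))


def from_chrome_time(us):
    """Decode Chrome's microsecond counter back to an aware datetime."""
    return CHROME_EPOCH + timedelta(microseconds=us)


def make_fake_history(directory):
    """Create a constructed `History` file with Chrome's `urls` columns.

    Browsers create profile files owner-readable only (0600); that is the
    whole extent of the OS-level protection, so we reproduce it here.
    """
    path = os.path.join(directory, "History")
    con = sqlite3.connect(path)
    con.execute("""CREATE TABLE urls (
        id INTEGER PRIMARY KEY,
        url LONGVARCHAR,
        title LONGVARCHAR,
        visit_count INTEGER DEFAULT 0,
        typed_count INTEGER DEFAULT 0,
        last_visit_time INTEGER NOT NULL,
        hidden INTEGER DEFAULT 0)""")
    rows = [  # constructed sample data
        ("https://news.ycombinator.com/", "Hacker News",
         to_chrome_time(SAMPLE_VISIT)),
        ("https://example.org/bank/login", "Example Bank",
         to_chrome_time(datetime(2024, 1, 2, 12, 30, tzinfo=timezone.utc))),
    ]
    con.executemany(
        "INSERT INTO urls (url, title, last_visit_time) VALUES (?, ?, ?)", rows)
    con.commit()
    con.close()
    os.chmod(path, 0o600)
    return path


def owner_only(path):
    """True when the mode bits allow access to the owning uid alone."""
    return (os.stat(path).st_mode & 0o777) == 0o600


def read_history(path):
    """Read the visit list exactly as any same-uid process could.

    The kernel's check is uid-vs-owner; the program's identity plays no part.
    (A running Chrome holds the real file locked; tools that read it copy the
    file first, which the same DAC rules also permit.)
    """
    con = sqlite3.connect(f"file:{path}?mode=ro", uri=True)
    rows = con.execute(
        "SELECT url, title, last_visit_time FROM urls ORDER BY last_visit_time"
    ).fetchall()
    con.close()
    return [(url, title, from_chrome_time(ts)) for url, title, ts in rows]


def demo():
    """Build the fake profile in a temp dir and read it back as the same user."""
    directory = tempfile.mkdtemp(prefix="fake_profile_")
    path = make_fake_history(directory)
    return path, os.access(path, os.R_OK), read_history(path)


if __name__ == "__main__":
    path, readable, visits = demo()
    print(f"{path}: owner-only={owner_only(path)} readable-by-this-uid={readable}")
    for url, title, when in visits:
        print(f"  {when.isoformat()}  {title!r}  {url}")
```

The interesting line is `os.access(path, os.R_OK)` returning True on a 0600 file: the mode bits do protect against other users, but they say nothing about which of your own programs may open it. That gap between "user" and "application" as the unit of trust is what a browser sandbox supplies for web content and what a per-app OS sandbox has to add for native programs.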
======
tlb
MacOS now has app sandboxing.

Sandboxing is extremely hard to get right. It's even harder to retrofit it
into an existing system, because so many programs exist that just store files
wherever they feel like, and you don't want the new OS to break all the old
programs. And if the OS provides a "legacy program" mode, malicious apps will
just use that.

In addition to files, sandboxing has to protect against capturing screen
pixels, getting keyboard events, doing network or device IO, inspecting the
cut&paste buffer, and hundreds more things, all of which some apps have
legitimate reasons to do. So the matrix of permissions gets very large.

------
makecheck
Sandboxing is becoming more common in the OS as well (e.g. Mac) but these
systems have multi-decade foundations, certainly pre-dating commonplace
Internet and pre-dating powerful hardware. That means they started from much
less power, much less capacity, and much lower threats from the outside.

