
Ask HN: What is the desktop security model? - fitzn
For some reason I have been thinking a lot about the &quot;desktop security model&quot; lately in comparison to the browser security model.<p>What stops spotify, or chrome, or any other desktop app that I install from reading my .ssh directory? I assume nothing, by default, since it&#x27;s under the same user. Is there a long history or book about this subject that I don&#x27;t know of? Is there a way to restrict disk access of an application by directory? Obviously, I understand how things have evolved from the early days of assuming installed software was benign. I&#x27;m not complaining, or shaming, or whatever, that developers didn&#x27;t think of the threat model for desktop apps back then as we might if the concept of desktop apps came out today.<p>I am mostly just wondering if this problem has already been discussed and if there is a canonical approach to it.  To give you a sense of why I think this is interesting, compare google search results for &quot;desktop app security model&quot; to &quot;browser security model&quot;. The latter is formally (or &quot;officially&quot;) defined.
======
lgl
Most operating systems these days show you a "Do you want to open/give access
to this app to make changes on your computer?" prompt or popup. We then click
"yes" while rolling our eyes for the inconvenience. The end. :)

------
green-bottle
I don't have much of an idea about Windows or OSX. Regarding Desktop Linux, I
think I wouldn't be far off if I said it has no desktop security model. The
permission system on *nixes (and Linux by inheritance) were formulated in the
context of it being a multi-user system with multiple people logging in via a
terminal. Your data had to be protected from access by unauthorized users. I
don't know if security aspects of running untrusted or unverified programs was
even considered which are significantly more important in the current context.

I think Flatpak is trying to improve Linux application security but still has
a really long way to go compared to the likes of Android and iOS.

