Hacker News new | comments | show | ask | jobs | submit login

While I generally agree, I think it's a mistake to blame users for the fact that any PC software they want to even try is given rights to fully hijack their machine and muck things up. (Yes, it's a lesser issue on the Macs, but as you note: it's still an issue)

That was, and is, a serious design failure.

Agreed. The OLPC had a sandboxing feature to prevent this.

Did it use UnionFS?

On a tangent, why aren't more Linux installs (outside of 'live' distros) making use of UnionFS? That makes it easy to 'lock down' the base install because all of the writing goes to a separate partition that could be completely removed to restore the original state. Are their performance issues with UnionFS (performance in a desktop-sense, not in a server-sense)?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact