Hacker News new | comments | show | ask | jobs | submit login

Agreed. The OLPC had a sandboxing feature to prevent this.

Did it use UnionFS?

On a tangent, why aren't more Linux installs (outside of 'live' distros) making use of UnionFS? That makes it easy to 'lock down' the base install because all of the writing goes to a separate partition that could be completely removed to restore the original state. Are their performance issues with UnionFS (performance in a desktop-sense, not in a server-sense)?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact