Hacker News new | past | comments | ask | show | jobs | submit login

The gnu/linux userspace has absolutely no security whatsoever. It’s a real shame how trivial it is to have even an npm install potentially do literally anything.

Android has an actual, sane, rethought security model that has a good track record in protecting millions of non-tech-savvy people.




To be clear, this security model is bolted on top of the kernel and uses SELinux under the hood. It's not some magic thing, it can certainly be replicated and even improved.


Android has a security model that protects the OS from applications and applications from users. A sane security model would put the user in control.


That is true. A good way to remove the second part is to gain root.


If you run your npm install in a properly set up container (and at some point in the future, Flatpak will set this up for you), it isn't going to do much. Yes, I'm well aware that containers should still be tought of as "not a real security boundary" given the amount of remaining attack surface, but even then the Android approach is not very different.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: