Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The Android approach is among the most "complicated to set up and use" (since it's based on SELinux under the hood) but the OEM does that for you. There's no reason why Linux distros couldn't do the same thing using Flatpak and/or bubblewrap. (Plus AppArmor for extra hardening where sensible.)


Linux distros already do that thing. Distros like PureOS, SteamOS and Fedora Silverblue focus on Flatpak as app distribution model.

The thing is, nobody restricts you from ignoring that model and doing stuff the old way if you feel like it, which is in contrast to Android.


Just the lack of.. the whole ecosystem adopting the restricted model and there being a properly specified and documented model in the first place.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: