undefined

points

by ryandrake2 hours ago |

comments

by inetknght48 minutes ago|

[-]

> Installing your binaries into C:\Program Files\AppName or /usr/local/bin? Fine.

I used to have this opinion too.

Then I decided that I actually don't want random things to install to `/usr/local/bin`. They should install to `${HOME}/.local/bin`. I should be perfectly capable of installing any application without modifying the system for every user.

by armadyl59 minutes ago|

prev|

[-]

> As a general principle, application developers should not have free rein to modify my system's configuration, and OS's should do their part to make it very difficult for developers.

Funny enough macOS, iOS, iPadOS and Android do this and they are constantly attacked for it.

I do think there needs to be more strict adherence by developers to standards like XDG but I don’t know how it could be enforced.

by nulld3v50 minutes ago|

parent|

[-]

They are constantly attacked because they prevent users from modifying the system configuration, not just app developers.

by simondotau19 minutes ago|

parent|

[-]

From the operating system’s perspective, everything is the user. Or everything is an app developer. Depends on perspective. Disambiguating reliably, in a way you’d consider reasonable, is not trivial (and arguably impossible).

by gjsman-100050 minutes ago|

parent|

prev|

[-]

> I do think there needs to be more strict adherence by developers to standards like XDG but I don’t know how it could be enforced.

It can't be enforced. Developers can and will always do whatever they want with the tools available. For good ends (Adobe) or for ill (malware).

If you try to fix it with sandboxing and closed app stores (Apple forcing sandboxing and using SIP), you get attacked. If you don't try to fix it and let devs do as they please (Microsoft allowing host file editing), you get attacked. The conclusion of these incompatible goals? HN and nerds have zero relevance in policy discussions, because they don't have a consistent policy to offer [1].

[1] Unless, of course, you define "devs shouldn't be able to do anything bad even if they choose" and "users should be able to anything bad if they choose" and "users should be able to write their own software capable of bad things while simultaneously not being held to the standard of devs" as a compatible principled position.

by anfilt31 minutes ago|

parent|

[-]

I think somewhat sand boxed is fine, but the user should at the end of the day be allowed to let things out or get out if it.

The problem with things like iOS is the user can't make that choice. Also what you call 'bad' is up to the user. At the end of the day a user should be able to adjust things even at root level or request other software to do that on their behalf. Heck for iDevices owners should be able to load their own signing keys at a minimum for the Boot-ROM.

As for Adobe most people would not expect their software to touch the host file, so it's fine to call them out here. Someone using a utility or tool that you would expect to edit the host file that's fine, and people should be able to use or make such a tool. (The os should not prevent the user/owner if that's what they want).

by ryandrake26 minutes ago|

parent|

[-]

Yea, that's what I was getting at. The user should be king. Not the application developer, not the OS vendor. The user should be able to easily say yes/no to these things and have the final say.

by dev_l1x_be26 minutes ago|

prev|

[-]

> developers should not have free rein to modify my system's configuration

s/free rein/the ability/

I am a big believer in read only operating systems. /etc should not be writable.

by zymhan5 minutes ago|

parent|

[-]

We get it, you like Nix

by mikkupikku1 hours ago|

prev|

[-]

I thought the days if needing to "sudo" to install applications on windows were long gone; doesn't basically everything happily do user installations now? I would view a demand to escalate as basically proof that the application is about to do something janky, if not outright malicious. On linux, if I can't build and run software with just my user account, that software has some explaining to do. Virtually every desktop application should be able to run without escalated privileges.

by vpShane1 hours ago|

parent|

[-]

on windows and mac they just get a prompt and a lot of people don't read it, care, nor wonder what it's actually doing they just want it to work.

I know you all know this but companies will do this knowing that exploiting all of us.

I use Linux and agreed on all those points. when I used adobe before it wanted to charge me a fee to cancel my subscription and wouldn't let me just 'cancel' in their system so I just blocked the payments on my card and dipped out.

good software, garbage company

by Ajedi321 hours ago|

parent|

prev|

[-]

"C:/Program Files" is still the recommended place to install programs, and it requires admin privileges to write to. Some programs (ab)use C:\ProgramData for that purpose instead and therefore don't need admin privliges. But even with that hack, ultimately Windows still uses the https://xkcd.com/1200/ permission model. (Everything runs with full access to all your data.)