Enhance security #146

ski7777 · 2018-12-09T18:35:53Z

Currently all apps and the launcher run with the same rights. This can cause devastating security issues.
Proposal:
Create a new user account/group per app
Save the app files with ftc/ftc permissions and create app data folder with the app permissions
Run app with this permissions

If an app needs to access data of another app, either the developer of the accessed app has to allow this in the manifest (the user will be asked during installation) or the app can request it during run (here we should introduce a system where the user can revoke these permissions)

ski7777 · 2022-12-30T23:42:28Z

postponing to 1.1

ski7777 · 2023-01-16T10:55:50Z

Just a weird proposal: Can we run apps in containers?

hypnotoad · 2023-01-16T12:01:15Z

Just a weird proposal: Can we run apps in containers?
I think it will create lots of overhead in different places.

As security measurement, I think that we should make sure that the main appstore is well-maintained.

ski7777 added enhancement help wanted security labels Dec 9, 2018

ski7777 added this to the v1.1 milestone Dec 9, 2018

ski7777 modified the milestones: v1.1, V1.0 Dec 9, 2018

ski7777 modified the milestones: V1.0, v1.1 Dec 30, 2022

ski7777 self-assigned this Jan 16, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Enhance security #146

Enhance security #146

ski7777 commented Dec 9, 2018

ski7777 commented Dec 30, 2022

ski7777 commented Jan 16, 2023

hypnotoad commented Jan 16, 2023

Enhance security #146

Enhance security #146

Comments

ski7777 commented Dec 9, 2018

ski7777 commented Dec 30, 2022

ski7777 commented Jan 16, 2023

hypnotoad commented Jan 16, 2023