On Friday 2022-07-08 08:11, Stefan Seyfried wrote:
This extra dialog when something wants to "reach outside" the restrictions is what got me sold on the idea. I hate SELinux and AppArmor and the like just because they deny access without talking to me about it, and thus are IMHO a UI nightmare (Also the Windows UAC popups "this application wants to change *something*" are useless, because they do not actually tell *what* is about to be changed and are (AFAIK) just "confirm that I might run something with sudo" notifications).
UAC pauses the syscall, SELinux/AppArmor don't. (FUSE could, heh.) SEL/AA just deny the request. If the application then does not report the error in a way that means something to the user, it is the application's fault.

Bad:

    perl -e 'if(!open(FH,"/etc/shadow")) { die $!; }'

Good:

    perl -e 'if(!open(FH,"/etc/shadow")) { die "Could not open /etc/shadow: $!"; }'

For example, take <img> HTML tags. If it cannot be loaded, browsers just put a placeholder icon and there is no alt="" text/tooltip defined for what happened. No strerror(errno) for file:-scheme objects, no "404"/"503" for https:-scheme images. Fuck browsers!

The only thing that Linux has going against it is that there is nothing like Extended Error Reporting. All you get is the integer from the syscall return value, and the caller cannot see whether file access failed due to an LSM, or regular file permission bits.