I've been a professional C, Perl, PHP and Python developer.
I'm an ex-sysadmin.
Back in the day, I had a geekcode which I'm not going to share with you.
418 I'm a teapot.
On a Mac and a Debian box right now, and I can read other people's home directories but not write to them on both systems. I'm not sure what the difference is. If you're saying that some random GUI app that's a trojan has a better chance of writing to someone else's home directory on one system, then ok - I mean I don't really know how that would work, but I'll assume you're right for the sake of this thread.
What you were saying before about the difference in prompts somehow making one more secure than the other doesn't make sense to me though, and it looks like you're moving the goalposts a little.
Different systems will share some vulnerabilities and also have their own separate ones. MacOS is pitched as mostly being for single-user systems where you need physical access to do a lot of damage, where Linux is more likely to be multi-user from the get-go. Both approaches make compromises. There are root escalation vulnerabilities on both we haven't even heard of yet, I'm sure - but it's not as easy as "this script gets you root on Linux, MacOS is secure".
I might be wrong, but I meant writing to the logged in user's home directory. With a normally configured Linux box, applications could write to the same user's home directory without asking for explicit permissions, while with MacOS, this is not the case. MacOS asks for "Documents" permission before allowing an application to write in the home directory making the attack surface much less. I guess you could do some hardening to mitigate this
I've been a professional C, Perl, PHP and Python developer.
I'm an ex-sysadmin.
Back in the day, I had a geekcode which I'm not going to share with you.
418 I'm a teapot.
Maybe. I don't remember seeing that, but if it's the case, then if this is something bundled with a GUI app, people are probably just going to click "sure, ok" and if it's a CLI app, I doubt they'd get that prompt.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Well yes, but applications need explicit permission to access the home directory in MacOS, reducing the attack surface by a lot
On a Mac and a Debian box right now, and I can read other people's home directories but not write to them on both systems. I'm not sure what the difference is. If you're saying that some random GUI app that's a trojan has a better chance of writing to someone else's home directory on one system, then ok - I mean I don't really know how that would work, but I'll assume you're right for the sake of this thread.
What you were saying before about the difference in prompts somehow making one more secure than the other doesn't make sense to me though, and it looks like you're moving the goalposts a little.
Different systems will share some vulnerabilities and also have their own separate ones. MacOS is pitched as mostly being for single-user systems where you need physical access to do a lot of damage, where Linux is more likely to be multi-user from the get-go. Both approaches make compromises. There are root escalation vulnerabilities on both we haven't even heard of yet, I'm sure - but it's not as easy as "this script gets you root on Linux, MacOS is secure".
I might be wrong, but I meant writing to the logged in user's home directory. With a normally configured Linux box, applications could write to the same user's home directory without asking for explicit permissions, while with MacOS, this is not the case. MacOS asks for "Documents" permission before allowing an application to write in the home directory making the attack surface much less. I guess you could do some hardening to mitigate this
Maybe. I don't remember seeing that, but if it's the case, then if this is something bundled with a GUI app, people are probably just going to click "sure, ok" and if it's a CLI app, I doubt they'd get that prompt.