[cap-talk] Android using capability discipline

James A. Donald jamesd at echeque.com
Thu Jul 1 21:04:12 PDT 2010


Dan Bornstein wrote:
 >>> Commenters in the Android Market *already* make comments
 >>> along the lines of "Why does this app need to read my
 >>> location?" etc., and some will down-rank (e.g., rate as
 >>> one-star) apps that they perceive to be too
 >>> permission-heavy.

James A. Donald:
 >> This seems to indicate that there is significant end user
 >> demand for a POLA operating system - not that we should
 >> use such words and phrases as "capability" or "principle
 >> of least authority" in front of end users, but it does
 >> indicate that the concept of granting relatively fine
 >> grained permissions is intuitive and important to end
 >> users.

Dirk Pranke wrote:
 > I'm not sure that I would agree with your conclusion. What
 > it says to me is that if you present users with a list of
 > options, some of them will ask about it, and wish for
 > finer-grained control. We do not know if that percentage of
 > users is "significant", and we certainly can't conclude
 > from that that end users have any concept of what a POLA
 > operating system would be.

As I said, we should not use such a term in front of end
users.

What users want is not POLA, but that applications should not
be doing surprising things behind their backs.

If, for example, one's minesweeper app was accessing one's
contacts list and sending out emails, one does not need an
electrical engineering degree to smell a rat.
