Hacker News

pixl97 today at 3:46 PM (1 reply)

>Why is it possible for a running application to read information stored by so many other applications which are not related to the program in question?

This question has been answered a million times, and thousands of times on HN alone.

Because in a desktop operating system the vast majority of people using their computer want to open files, they do that so applications can share information.

>Why is isolation between applications not in place by default?

This is mostly how phones work. The thing is the phone OS makes for a sucky platform for getting things done.

> Operating systems are supposed to get in the way

Operating systems that get in the way get one of two things. All their security settings disabled by the user (See Windows Vista) or not used by users.

Security and usage are at odds with each other. You have locks on your house right? Do you have locks on each of your cabinets? Your refrigerator? Your sock drawer?

Again, phones are one of the non-legacy places where there is far more security and files are kept in applications for the most part, but they make terrible development platforms.


Replies

naikrovek today at 4:01 PM

Are you suggesting that it's impossible to have a system that is secure by default and be usable by normal people? Because I'm saying that's very possible and I'm starting to get angry that it hasn't happened.

Plan 9 did this and that kernel is 50k lines of code, and I can bind any part of any attached filesystem I want into a location that any running application has access to, so if any program only has access to a single folder of its own by default, I can still access files from other applications, but I have to opt into that by making those files available via mounting them into the folder of the application I want to be able to access them.

I am not saying that Plan 9 is usable by normal people, but I am saying that it's possible to have a system which is secure, usable, not a phone, and easy to develop on (as everything a developer needs can be set up easily by that developer.)
