I’ve been thinking. Android implements app permissions on top of Linux, and Flatpak does it too. But why is it not part of the kernel?
Like all executable files would be sandboxed and would only be able to access syscalls and parts of the file system if they were allowed to. Making sandboxing the default instead of having to restrict programs.
I’m not a kernel developer, so this question may be naive, but it bothers my mind. I guess part of it is because of historical reasons, but are there any practical ones that make it not feasible?
EDIT: Thank you all for your answers, almost all of you were very nice and explained things clearly.
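The opt-in model the question describes (a program restricting its own syscalls rather than being sandboxed by default) is what Linux offers today through seccomp-bpf. The following is an added example, not code from this thread; it assumes Linux on x86-64 or aarch64, uses `/dev/null` as the file to probe, and denies only `openat` while allowing everything else.

```c
/* Added example, not code from the thread: a process opting in to a seccomp-bpf
 * syscall rule (deny openat, allow the rest). Assumes Linux on x86-64/aarch64. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <stddef.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>
#if defined(__aarch64__)
#define FILTER_ARCH AUDIT_ARCH_AARCH64
#else /* assumes x86-64; add other AUDIT_ARCH_* values as needed */
#define FILTER_ARCH AUDIT_ARCH_X86_64
#endif
/* Install the filter in the calling process; it cannot be removed afterwards. */
static int install_filter(void)
{
    struct sock_filter code[] = {
        /* Syscall numbers differ per ABI, so kill if the arch is not the one we built for. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, FILTER_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        /* openat: fail with EPERM before the kernel runs it; everything else passes. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, __NR_openat, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ERRNO | (EPERM & SECCOMP_RET_DATA)),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { .len = sizeof code / sizeof code[0], .filter = code };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1; /* required unprivileged */
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}
/* Probe openat("/dev/null") in a forked child (caller stays unrestricted): 0 = opened, 1 = EPERM, 2 = other. */
int probe_open(int with_filter)
{
    pid_t pid = fork();
    if (pid < 0) return 2;
    if (pid == 0) {
        if (with_filter && install_filter() != 0) _exit(2);
        long fd = syscall(SYS_openat, AT_FDCWD, "/dev/null", O_RDONLY);
        _exit(fd >= 0 ? 0 : (errno == EPERM ? 1 : 2));
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return 2;
    return WEXITSTATUS(status);
}
```

Calling `probe_open(0)` opens the file normally while `probe_open(1)` is refused with EPERM; note that nothing forced the program to install the filter, which is exactly the "restrict programs yourself" default the question is asking about.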
Look up “capabilities-based operating systems.” They exist; Linux just isn’t one.
Like microkernels, capabilities require certain core architecture designs that Linux doesn’t have. Like all features, there are always tradeoffs: microkernels tend to be slower because of the message passing; capabilities-based systems are harder to manage. Linux’s design, for all its popularity, is about as simple a kernel design as possible. And you see people making the same decisions now: X11 is inherently multi-user and network capable. Wayland eliminates both, because it makes things more simple.