> We need a clear separation between system programs and application programs ... The default way to install third-party application software shouldn't depend on repositories or servers. It should be based on installing files, just like on Windows.
So the end goal is for a system where users download random binaries off the net, which never get any security patches and leave dozens of copies of vulnerable dependencies lying around?
> Additionally, a permission system like Android's could be a good idea.
Even with a permission system like Android's, how are you going to stop malicious applications from exfiltrating all the files in your home directory, or recording all your keystrokes, or spying on your clipboard, or putting up a fake password prompt, or mining bitcoin with your GPU, or just escaping whatever sandbox you think you're running them in?
If those are the risks I have to put up with in order to run a bleeding-edge Python interpreter on my system, then I think I'll pass. I guess that makes me an old_unixer.
> So the end goal is for a system where users download random binaries off the net
They download the binaries they trust off the net.
You're insinuating that some users are too stupid to know who to trust and go around downloading random binaries. If there are such users, then I guess my OS is not geared towards them, but rather to software developers, creative professionals, etc. who know what they're doing and need to get their application software directly from the developer.
People who don't know who to trust or want their OS developers to keep repositories for them can keep using Apple devices with their walled gardens or repository-centric Linux distros.
> which never get any security patches and leave dozens of copies of vulnerable dependencies lying around?
Do Windows applications never get any security patches?
And yes, sandboxing is not an infallible security mechanism, but it could help, and it also has other practical advantages not related to security.