Ubuntu – How Will App Permissions be Handled in Ubuntu Touch

Tags: application-development, permissions, ubuntu-touch

Most elements of the hardware, or data sets shared between apps, on the Android and iOS platforms are strongly controlled, and only provided to apps explicitly on a need-to-know basis. This can allow the user to make sure, for example, that a malicious flashlight app isn't uploading their location and contacts list.

On the desktop on Ubuntu, there are effectively two permission levels of control: user, and root. In the case of user, not much restriction is afforded. It can still connect to the internet, interface with most any hardware it likes, and read/write any files in /home/user/. This model assumes that the user is competent enough to ensure an application they are using is legitimate (which is very easy with open-source software).

So my question is, what sort of restrictions and control over an app's abilities will be in place on the mobile platform? And since it's all the same OS, how will that system overflow into the desktop? Will all programs need to be sandboxed?

I'm quite keen to know the plan 🙂

PS. One thing I like about the way iOS does it over Android is that many permissions must be explicitly approved by the user when it runs for the first time. The result being, if you don't want to tell the Facebook app where you are, you can just disallow it, versus on Android where you just have to uninstall the app and Get Over It™.

The system I'd like to see is it asking for permission with a "Just this once" and an "Always" option, when the app needs that permission to execute a command. Want to find yourself on the map? Ask for location permission. Just like the way some HTML5 APIs are handled.

Best Answer

This is being worked on as part of the Ubuntu App Developer Upload spec, in particular, the section on security.

This is still in early stages, but as an extract to the spec, and to provide some context:

Once an application is installed, AppArmor will provide a security sandbox to protect the user from malicious or simply broken code. To accomplish this, each application will need a properly constructed and minimally permissive profile to restrict what the application can access on the local system.

Applications will be sandboxed via AppArmor, and permissions will be granted according to the app's AppArmor security profile.
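To make the "minimally permissive profile" idea concrete, here is an added illustration of what such an AppArmor profile looks like; it is not part of the spec or the answer above. The app name, install path under /opt, and data directory are hypothetical. AppArmor profiles are default-deny: anything not listed is refused and logged, so the shape of the profile is "list exactly what this app needs and nothing else".

```apparmor
# Hypothetical profile for a fictional app installed at /opt/example-app (constructed example).
# Loaded from /etc/apparmor.d/, then enforced with: sudo apparmor_parser -r <this file>
#include <tunables/global>

/opt/example-app/bin/example-app {
  # Shared libraries, locale files, /dev/null and similar basics every process needs
  #include <abstractions/base>

  # The binary itself (memory-map + read) and its read-only assets
  /opt/example-app/bin/example-app mr,
  /opt/example-app/share/**        r,

  # Writable state is confined to a per-app directory owned by the invoking user.
  # The rest of $HOME is simply not mentioned, so reads and writes there are denied.
  owner @{HOME}/.local/share/example-app/   rw,
  owner @{HOME}/.local/share/example-app/** rwk,

  # Make the intent explicit for sensitive locations: a later #include cannot re-grant these
  deny @{HOME}/Documents/** rwlkmx,
  deny @{HOME}/.ssh/**      rwlkmx,

  # No "network" rule means no sockets at all; spell it out and audit any attempt.
  # A networked app would instead grant only what it needs, e.g. "network inet stream,"
  audit deny network,
}
```

While developing the profile, run it in complain mode (aa-complain) and watch the kernel audit log for DENIED entries; each entry names the path or capability the app actually touched, which is the evidence for deciding whether a rule belongs in the profile or the access is something the app should not have. Switch to enforce mode (aa-enforce) once the log is quiet under normal use.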