[haiku-development] Re: Multi-user is a mistake
- From: Daniel <headbulb@xxxxxxxxx>
- To: haiku-development@xxxxxxxxxxxxx
- Date: Tue, 7 Jan 2014 09:51:10 -0700
I don't believe the multiuser is a mistake. The use case that you
mention is easily remedied by the user being automatically logged in.
It could be the anonymous account all ones cares. All major platforms
do this.
The sandboxing would benefit and share much of the same code used to
separate users processes. Android does something similar, it runs each
app as a different user to securely set permissions on each app's
files. Linux/unix does it with daemons having their own account, that
way the process gets access to files it owns and has permissions on.
Computers having logins hasn't taken away the personal aspect if
anything it's given it. It's allowed me to save my private files and
still allow others to use my computer. What I believe you want is more
of a shared computing experience with others, but I don't think that's
a reason to not look forward to the future and having proper multiuser
implemented.
On Tue, Jan 7, 2014 at 9:41 AM, John Scipione <jscipione@xxxxxxxxx> wrote:
> I've been thinking a bit about post R1 features and I see that there is a
> clear motivation to eventually add multi-user capabilities to Haiku and I
> feel that this is a mistake. Haiku should remain a single user OS.
>
> Personal computers are and should be personal, that is, they should cater to
> a single individual. Adding additional users adds additional complexity
> which makes the entire system harder to use and more abstract.
>
> Families that share a computer need not have multiple accounts. It's a niche
> case which is better served through individual account services.
>
> By not having multiple user accounts you don't have to worry about if an
> application is available for a single user or all users on the system, all
> applications are available.
>
> Same goes for shared resources such as music.
>
> By not having user accounts you are allowed to use the computer anonymously,
> you don't have to first identify yourself, this is a really important
> benefit.
>
> What is needed is privilege separation ala sandboxing. Applications should
> only be allows to read and write from specific locations such as their own
> settings files. Applications should need to special privileges to write to
> shared areas like adding and the like.
>
> The problem of security is orthogonal to multi-user, one should not
> influence the decision to utilize, or not utilize the other.
Other related posts:
