iOS actually has a full implementation of Scheme (TinyScheme) running inside the kernel, that manages the (often very complex) permission schemes -- one for each type of pre-installed app or daemon, and then one for the third-party apps as well.
Edit: Unrelated: I just realized you made the Treo 650 Linux version -- that was awesome!
This is one thing iOS does much better than Android. Apps don't request permissions until the moment they need them, instead of the entire laundry list at the installation time. This allows auto-updating of all apps, while still preventing permissions creep.
iOS has had runtime permissions for far longer than android :)
Some apps will even explain what they (claim to) need the permission for before triggering the permission authorisation pop up.
As a user I want to have the app as isolated as possible and have the ability to grant it any system permissions I want. Perhaps combined with a store rule that an app isn't allowed to block unrelated functionality when it doesn't get the permissions it wants.
iOS has been quite good to me in this regard, although it still needs improvements (e.g. add a permission for accessing internet).
It did have them from the beginning, and the set of supported permissions was quite substantial compared to what iOS offered. But you're right, iOS was first to have the ability to grant/revoke individual permissions at runtime
Do what mobile OS do and make the app ask for permissions just before it needs to do something special.
Make it impossible to ask for root. Sandbox apps.
Linux distributions package applications (including binary ones) for their users, why can't macOS or Windows do this? Run automatic safety checks on them before deploying updates to users. The Windows Store and Apple's App Store (on macOS) are kind of like that, but they only have applications that developers chose to put there. I don't see Linux distributions asking developers for permission to package their application (there are proprietary packages on Arch and NixOS), so I don't see why Apple couldn't do the same.
I like the screenshot in this post about the permissions Android apps ask for. At least this matches my experience. Android apps by and large just ask for everything so it's a choice between giving them everything or not being able to use them.
Apple OTOH does two major things different:
1. Apple's approach is to ask for individual permissions it needs when it first needs them. I can't overstate how much better this is than the Android all-or-nothing permission dialog.
2. Apple's permissions make more sense to users. Things like:
- Your location
- Run in background
- Your contacts
- Your photos
- The camera
Android's permissions always struck me as what engineers would do if they designed a permission system.
> Because, as it turns out, a Libertarian free-for-all doesn’t work.
TRUE. Big true.
Honestly though I don't really see the author's point. I don't see iOS 14 and whatever the next Android version is to be back to what Symbian did.
Edit: Unrelated: I just realized you made the Treo 650 Linux version -- that was awesome!
reply