Chapter 11: Batten the Hatches with Security Services

iOS is likely the first platform that most developers encounter that employs a true least-privilege security model. Most modern operating systems employ some kind of privilege separation, allowing different processes to run with different permissions, but this is almost always used in a very coarse way. Most applications on Unix, OS X, and Windows run as either the current user or a superuser, which can do nearly anything. Attempts to segment this further, whether with Security Enhanced Linux (SELinux) or Windows User Account Control (UAC), have generally led to developer revolt. The most common questions about SELinux are not how to best develop for it, but how to turn it off.