• cybersandwich@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    8 months ago

    I think he was trying to say apps get access to “root features” through an abstraction layer/API calls that is controlled.

    They don’t/wouldn’t have carte blanche root access to the underlying system. It’s kinda like a docker container or VM or flatpaks/snap packages on Linux. They are sandboxed from everything else and have to be given explicit premission to do certain things(anything that would need root privileges/hardware access).