It isn't even a big deal and since the whole operating system will be hackable, I question the point of bringing it up. However, Its worth questioning.
Its possible to create a dummy user with no permissions and run the child process from within that context. http://linux.die.net/man/8/sudo. This allows processes to be forced to go through us to do anything. This may or may not be a good thing however as it basically limits freedom and/or enable frustration for developers used to doing whatever they want. That being said, it is useful for ensuring ports and etc all run without conflicts.
As for the client permissions, that is strictly web based and not as easy to implement.
It isn't even a big deal and since the whole operating system will be hackable, I question the point of bringing it up. However, Its worth questioning.
Its possible to create a dummy user with no permissions and run the child process from within that context. http://linux.die.net/man/8/sudo. This allows processes to be forced to go through us to do anything. This may or may not be a good thing however as it basically limits freedom and/or enable frustration for developers used to doing whatever they want. That being said, it is useful for ensuring ports and etc all run without conflicts.
As for the client permissions, that is strictly web based and not as easy to implement.