[IAEP] [Sugar-devel] A security vs. functionality question
Luke Faraone
luke at faraone.cc
Thu Aug 6 21:13:01 EDT 2009
On Thu, Aug 6, 2009 at 20:56, Benjamin M. Schwartz <bmschwar at fas.harvard.edu
> wrote:
> > I had assumed everyone has root access, it is such a basic need for a
> > machine you own.
>
> Not all Sugar users run on machines that they own. Some are students
> running on school computers. Some are children who run on their parents'
> computers. In any case, I'm uncomfortable with an Activity requiring
> arbitrary root access, and what Rainbow provides is very much like a
> chroot (chhome? chuser?).
Well, Rainbow provides sensible permissions and allows the activity no write
access outside of its own special subdirectory, but it has read access
otherwise to anything `nobody` can view, IIRC.
--
Luke Faraone
http://luke.faraone.cc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sugarlabs.org/archive/iaep/attachments/20090806/9704e05e/attachment.htm
More information about the IAEP
mailing list