[sugar] Web activity not containerized?

[Bert Freudenberg]

Why not simply run it as the same (non-olpc) user every time?

- Bert -

On Dec 22, 2007, at 22:35 , Michael Stone wrote:

> Bert,
>
> Xulrunner hardcodes the use of permissions like 0600 and 0700 all
> throughout its code-base. This means that, when Browse stores its
> profile information (SSL certs, web cache, ...) in $SAR/data, many
> operations fail during the second launch of Browse.
>
> See
>
>   http://wiki.laptop.org/go/Concurrent_activity_instances
>
> for some of the gory details of how we tried to work around the  
> problem
> and failed.
>
> Help in solving this problem in a maintainable way would be most
> appreciated. (It is widely felt that patching xulrunner to use  
> different
> permissions will be fragile and unmaintainable unless the upstream
> xulrunner folks are willing to accept the patch. Based on this view,
> Marco, Simon, and I have contacted several Moz. folks seeking  
> advice on
> how to proceed.)
>
> Michael
>
>
> On Sat, Dec 22, 2007 at 09:23:22PM +0100, Bert Freudenberg wrote:
>> Hi Marco,
>>
>> just saw your commit to take the Web activity out of its security
>> container. What's the motivation behind that? Wouldn't the browser be
>> particularly advised to run in the safest manner possible?
>>
>> - Bert -
>>