[sugar] Web activity not containerized?

Michael Stone michael
Sat Dec 22 18:24:02 EST 2007


On Sat, Dec 22, 2007 at 11:29:40PM +0100, Bert Freudenberg wrote:
> Why not simply run it as the same (non-olpc) user every time?
> 
> - Bert -

I don't personally want to provide such an option because I consider it
prone to abuse. 

Specifically, I don't know who (other than the human operator) should be
allowed to direct Rainbow to exercise such a code-path _and_ I don't yet
know how to reliably measure the human operator's intent that the
program be launched in that fashion.

Since I am confident that the permissions issues in Browse _can_ be
solved at reasonable cost without modifying Sugar or Rainbow, I prefer
to pursue other solutions.

However, if you have ideas on how I can safely do as you propose, I'm
happy to hear them.

Michael




More information about the Sugar-devel mailing list