[sugar] Initial Security Patches

Dan Williams dcbw
Tue Jul 31 22:49:08 EDT 2007


On Tue, 2007-07-31 at 21:45 +0200, Marco Pesenti Gritti wrote:
> Hello,
> 
> thanks for the explanation, it clarifies a lot of things.
> 
> As I just said to Ivan and coderanger on irc we needs to be clear on
> the actual goals for Trial-3. In particular I'd like to know:
> 
> 1 Are we aiming to enable this by default for Trial-3

Yes.  If activities in containers don't go into Trial 3, they will not
get into FRS.  They don't have to be locked down at all, just have
activities launched in containers.  We just have to figure out by
Trial-3 if people can fix the bugs that come up.  If they can't, we rip
containers back out and re-evaluate the security position.

> 2 Are we aiming at pushing one-instance-per-process for Trial-3

We may just end up whitelisting EToys and Browse as
multiple-instance-per-process activities, and just accept that one
Browse instance can interact adversely with all other instances.  I
don't think we've  made that call concretely yet though we did discuss
it on the train today.

Dan





More information about the Sugar-devel mailing list