[sugar] perceived sugar performance

Michael Stone michael
Tue Apr 29 15:09:52 EDT 2008


On Tue, Apr 29, 2008 at 02:54:15PM -0400, Paul Fox wrote:
> michael wrote:
>  > Depends. Any software you run can write to your .xsession, yes?
>  > Afterward, will you really notice an extra instance of 'bash', or
>  > 'kdmgd', or some other nonsense running in the background, capturing all
>  > your keystrokes, aliasing 'sudo', running 'xauth ++', setting up a
>  > spambot, or querying an IRC server for recent local root exploits?
> 
> eek!  time to retire.  ;-)
> 
> your point is well taken, but since any program i run manually
> can also write to lots and lots of things that i run, or use as
> config, 

On an XO running a recent build (including 703), almost all activities
are prevented from writing to interesting places like .xsession. We just
invent new uids and gids (user ids and group ids) for them on demand.
Also, there's plenty left to do to help control the current exceptions.

> i'm not sure why autostart makes a huge difference.  

Avoiding autostart means that reboot is much more powerful - rebooting
will actually have some chance of restoring your system to a workable
state. It also gives you a small mischief diagnosis tool - you can do
controlled experiments to determine whether your system does annoying
things when you run specific activities. (We're thinking of trying to
add some power usage monitoring and some network isolation that will
further support this use.) Combined with a button or option on each
activity that lets one wipe away cached state, this system will
plausibly have achieved a new plateau of mischief resilience.

Michael



More information about the Sugar-devel mailing list