[sugar] perceived sugar performance
Michael Stone
michael
Tue Apr 29 16:12:29 EDT 2008
On Tue, Apr 29, 2008 at 03:31:05PM -0400, Paul Fox wrote:
> michael wrote:
> > On Tue, Apr 29, 2008 at 02:54:15PM -0400, Paul Fox wrote:
> > > michael wrote:
> > > > Depends. Any software you run can write to your .xsession, yes?
> > > > Afterward, will you really notice an extra instance of 'bash', or
> > > > 'kdmgd', or some other nonsense running in the background, capturing all
> > > > your keystrokes, aliasing 'sudo', running 'xauth ++', setting up a
> > > > spambot, or querying an IRC server for recent local root exploits?
> > >
> > > eek! time to retire. ;-)
> > >
> > > your point is well taken, but since any program i run manually
> > > can also write to lots and lots of things that i run, or use as
> > > config,
> >
> > On an XO running a recent build (including 703), almost all activities
> > are prevented from writing to interesting places like .xsession. We just
> > invent new uids and gids (user ids and group ids) for them on demand.
> > Also, there's plenty left to do to help control the current exceptions.
>
> this paragraph is an argument that autostart is "okay" on the XO --
> not as dangerous as it is on my traditional workstation.
It suggests that we've made it a bit harder to scribble over the
filesystem. There's plenty of nasty things that can still be done. One
must also reflect upon what holes still lurk in the system. :)
Also, I think my comment that extensible user-level autostart systems
running software that touches data which arrived over a network cost
more than you think (and more than they're worth in convenience) still
stands.
Thanks for the invigorating discussion,
Michael
More information about the Sugar-devel
mailing list