[sugar] perceived sugar performance

[Michael Stone]

On Tue, Apr 29, 2008 at 03:31:05PM -0400, Paul Fox wrote:
> michael wrote:
>  > On Tue, Apr 29, 2008 at 02:54:15PM -0400, Paul Fox wrote:
>  > > michael wrote:
>  > >  > Depends. Any software you run can write to your .xsession, yes?
>  > >  > Afterward, will you really notice an extra instance of 'bash', or
>  > >  > 'kdmgd', or some other nonsense running in the background, capturing all
>  > >  > your keystrokes, aliasing 'sudo', running 'xauth ++', setting up a
>  > >  > spambot, or querying an IRC server for recent local root exploits?
>  > > 
>  > > eek!  time to retire.  ;-)
>  > > 
>  > > your point is well taken, but since any program i run manually
>  > > can also write to lots and lots of things that i run, or use as
>  > > config, 
>  > 
>  > On an XO running a recent build (including 703), almost all activities
>  > are prevented from writing to interesting places like .xsession. We just
>  > invent new uids and gids (user ids and group ids) for them on demand.
>  > Also, there's plenty left to do to help control the current exceptions.
> 
> this paragraph is an argument that autostart is "okay" on the XO --
> not as dangerous as it is on my traditional workstation.

It suggests that we've made it a bit harder to scribble over the
filesystem. There's plenty of nasty things that can still be done. One
must also reflect upon what holes still lurk in the system. :)

Also, I think my comment that extensible user-level autostart systems
running software that touches data which arrived over a network cost
more than you think (and more than they're worth in convenience) still
stands.

Thanks for the invigorating discussion,

Michael