[Sugar-devel] [IAEP] A security vs. functionality question

Luke Faraone luke at faraone.cc
Thu Aug 6 21:13:01 EDT 2009


On Thu, Aug 6, 2009 at 20:56, Benjamin M. Schwartz <bmschwar at fas.harvard.edu
> wrote:

> > I had assumed everyone has root access, it is such a basic need for a
> > machine you own.
>
> Not all Sugar users run on machines that they own.  Some are students
> running on school computers.  Some are children who run on their parents'
> computers.  In any case, I'm uncomfortable with an Activity requiring
> arbitrary root access, and what Rainbow provides is very much like a
> chroot (chhome? chuser?).


Well, Rainbow provides sensible permissions and allows the activity no write
access outside of its own special subdirectory, but it has read access
otherwise to anything `nobody` can view, IIRC.


-- 
Luke Faraone
http://luke.faraone.cc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.sugarlabs.org/archive/sugar-devel/attachments/20090806/9704e05e/attachment.htm 


More information about the Sugar-devel mailing list