[Sugar-devel] OLPC's XO-1.5 software plan.
Michael Stone
michael at laptop.org
Sat May 16 17:59:11 EDT 2009
> What is the status of rainbow within this?
Do you mean "rainbow", "Sugar activity isolation", or something broader still?
If you actually mean "rainbow", then you could you please to review
http://wiki.laptop.org/go/Rainbow
and ask a more specific question, so that I can answer it there? (I believe
that I've updated it several times since we last spoke...)
If, on the other hand, you're really asking about "Sugar activity isolation",
or, more generally, "Sugar security", then you're in a bit of a bind...
because, as far as I can tell, there is no consensus within the Sugar community
about what security model defines the minimum standard of security that Sugar
itself must provide by default in all settings in which it is deployed.
(I, understandably, advocate for a far-reaching minimum standard.)
Evidence:
* "activity isolation", as implemented in sugar-0.82.* in terms or rainbow,
was removed from sugar-0.84 without, so far as I can tell, much mention
* no public replies:
http://lists.sugarlabs.org/archive/sugar-devel/2009-May/014273.html
http://lists.sugarlabs.org/archive/sugar-devel/2009-April/013732.html
http://lists.sugarlabs.org/archive/sugar-devel/2009-March/012387.html
* lots of replies, no action in the subsequent three months in response to my
documentation improvements and further queries listed above:
http://lists.sugarlabs.org/archive/sugar-devel/2009-February/012187.html
Finally, if you mean "something broader" like, say, "what security features do
OLPC's customers require (sic. desire) from their distro?", then could you
please elaborate?
Regards,
Michael
More information about the Sugar-devel
mailing list