[Sugar-devel] [ASLO] Release Read ETexts-19
tomeu at tomeuvizoso.net
Fri Mar 19 05:28:10 EDT 2010
On Wed, Mar 17, 2010 at 23:08, James Simmons <nicestep at gmail.com> wrote:
> I was looking at the code for Leer Pen Drive and thinking how I could
> improve on it, and in the process I ended up looking at
> git.sugarlabs.org at the code for Journal. Apparently that is not the
> most recent code, but I was a bit surprised that Journal inherits from
> Activity. That wouldn't be too surprising except that the Journal
> Activity can write to a USB or thumb drive. I couldn't figure out how
> or even where it was doing it, but it does seem that you could write
> an Activity that does everything the Journal does, from writing to
> mounted media to unmounting it.
> How is that possible? My guess: like everything else I don't fully
> understand about Sugar, it has something to do with DBus.
> If anyone could point me to something that might help my understanding
> I'd appreciate it.
the journal shares with activities some code, but is activated
differently. It runs inside the shell process instead of being run as
a separate process inside a rainbow sandbox, and this is why it can do
things that other activities cannot.
> James Simmons
> On Wed, Mar 17, 2010 at 6:13 AM, Sascha Silbe
> <sascha-ml-ui-sugar-devel at silbe.org> wrote:
>> On Tue, Mar 16, 2010 at 07:55:59PM -0500, James Simmons wrote:
>>> It would be nice if one of the things Activities were allowed to write
>>> to was external drives mounted on /media.
>> The only thing that might prevent that is Rainbow, which isn't installed by
>> default on any system running > 0.82 that I know of (and in 0.82-using OLPC
>> builds it's supposed to allow access to /media ). So while you cannot
>> depend on it, it will work fine in most cases in the near future.
>>> That would enable anyone to put together a Journal-like Activity and yet
>>> would probably not do too much harm securitywise.
>> I have to disagree, access to /media/* is equally sensitive as access to the
>> data store. It's even so similar that we might use the same set of
>> permissions for both.
>> FTR: Rainbow currently doesn't do anything special for /media. Sugar (or
>> probably the Gnome parts it's based on) mounts FAT filesystems in /media
>> with dmask=0077, thereby denying access to anyone but the primary user. In
>> combination this means access to /media/* is denied to activities running on
>> recent Sugar and Rainbow.
> Sugar-devel mailing list
> Sugar-devel at lists.sugarlabs.org
More information about the Sugar-devel