[sugar] [OLPC Security] Web activity not containerized?
Sat Dec 22 21:33:43 EST 2007
On Sat, Dec 22, 2007 at 09:15:02PM -0500, Marcus Leech wrote:
> The activity that I "fear" the most from the point of view of getting
> "compromised" (that is, remote-code-execution)
> is Browse. And our band-aid is to de-isolate it. I understand *why*,
> but it still seems a little nausea-making to me.
Help me get out from under #5033 in a reasonably solid fashion and I'll
be happy to devote more energy toward finding a solution for #5489 that
makes us happy.
My approach thus far is available at
Progress has been slow to date because the API is not very well
documented, I'm paranoid about memory errors, and I'm even more paranoid
(Note: I also considered libnss-sqlite but decided that since
a) it looked rather unmaintained to me, and
b) I'm not a proficient SQL writer,
it would be unlikely to lead to any productivity gain if I'm doing the
More information about the Sugar-devel