#2647 HIGH Trial-3: [PATCH] Security modifications to Sugar.
Zarro Boogs per Child
bugtracker at laptop.org
Fri Aug 3 04:33:25 EDT 2007
#2647: [PATCH] Security modifications to Sugar.
--------------------------+-------------------------------------------------
Reporter: coderanger | Owner: dcbw
Type: enhancement | Status: new
Priority: high | Milestone: Trial-3
Component: sugar | Version:
Resolution: | Keywords: review-
Verified: 0 |
--------------------------+-------------------------------------------------
Comment (by coderanger):
Replying to [comment:1 marco]:
> {{{
> + self._rainbow = None
> + if os.path.exists('/etc/olpc-security'):
> + self._rainbow = False # Lazily bind this
> }}}
>
> I don't like the False trick. Please just add a _get_rainbow_service()
method which lazily initialize self._rainbow, if lazy initialization is
necessary. Or just get the service in CurrentActivityChanged if you are
not planning to add more calls to the service in this class.
Rebinding the interface each time would be needlessly wasteful (connection
establishment is very slow). Even with a function we still need 3 states:
not using rainbow, rainbow connection not yet initialized, rainbow
connection initialized. I'm not sure how adding a function will fix this.
>
> {{{
> + factory.create_activity(self._service_name,
> }}}
>
> Should be CreateActivity. I've seen your comment about it on the mailing
list but... how would this break Sugar?
I wanted to keep our changes minor, and given that this call is going away
shortly I don't think it matters much.
> {{{
> + dbus-launch --exit-with-session --config-file=/etc/dbus-1/session-
olpc.conf sugar-shell
> }}}
>
> Why do we need a custom conf here? What is going to install it?
The rainbow package installs it. This is needed both to move the DBus
session bus socket and (later) to enable the OLPC-specific security mode
in the session daemon.
--
Ticket URL: <http://dev.laptop.org/ticket/2647#comment:3>
One Laptop Per Child <http://laptop.org/>
More information about the Bugs
mailing list