#2328 BLOC Retriag: Bitfrost requires that the 'File New' and 'Share' features be initiated through Sugar itself, not through the activities.
Zarro Boogs per Child
bugtracker at laptop.org
Sat Dec 1 16:55:59 EST 2007
#2328: Bitfrost requires that the 'File New' and 'Share' features be initiated
through Sugar itself, not through the activities.
----------------------+-----------------------------------------------------
Reporter: mstone | Owner: marco
Type: defect | Status: new
Priority: blocker | Milestone: Retriage, Please!
Component: sugar | Version:
Resolution: | Keywords: security, sugar
Verified: 0 |
----------------------+-----------------------------------------------------
Changes (by mstone):
* milestone: Future Release => Retriage, Please!
Comment:
As I stated in #3801, we need to close this bug sooner rather than later.
In particular, while locking down X is clearly quite important, our
ultimate ability to harden X won't matter a bit if we don't start to
fetter access to the datastore. Could you please triage accordingly?
Marco, Tomeu - sugar clearly needs an API for determining whether to show
the object chooser in response to an activity's request. To a first
approximation, this API should take a security identifier (today, a uid)
and should return a decision (which today could be 'Allow' or 'Deny'). It
should probably also take a selector to indicate whether the activity
wants read-only access to the datastore entries it may receive or whether
it also wants to be able to commit updates to them.
(I'm hypothesizing here that requests to update a datastore entry with an
ID the DS has never seen will always be accepted but that requests to
update an existing entry must have been authorized by the human operator.)
Thoughts?
--
Ticket URL: <http://dev.laptop.org/ticket/2328#comment:15>
One Laptop Per Child <http://dev.laptop.org>
OLPC bug tracking system
More information about the Bugs
mailing list