#3801 NORM Untriag: Rainbow, Sugar, and the Datastore need to integrate to isolate Activities from the Datastore
Zarro Boogs per Child
bugtracker at laptop.org
Tue Sep 25 14:49:10 EDT 2007
#3801: Rainbow, Sugar, and the Datastore need to integrate to isolate Activities
from the Datastore
------------------------------------------------------------+---------------
Reporter: mstone | Owner: jg
Type: defect | Status: new
Priority: normal | Milestone: Untriaged
Component: distro | Version:
Keywords: security-integration, security, rainbow, sugar | Verified: 0
------------------------------------------------------------+---------------
Protecting the user's privacy and protecting the authenticity of their
data in the absence of an immutable versioning datastore demand that
activities be isolated from the datastore.
Furthermore, this need is pressing: bertf and others have repeatedly asked
for this feature to be implemented so that they can confidently proceed
with their own work, secure in the knowledge that their software will
behave correctly on the system that we ultimately ship (e.g.
[http://lists.laptop.org/pipermail/sugar/2007-September/003429.html
@sugar: Importing objects from journal]).
According to the
[http://dev.laptop.org/git?p=security;a=blob;f=bitfrost.txt;hb=HEAD
Bitfrost] spec, the isolation from the Datastore imposed on activities
should broken only by exercising the P_DOCUMENT or P_DOCUMENT_RO
capabilities.
more explicitly:
Activities MUST be able to access objects stored in the datastore ONLY by
exercising the P_DOCUMENT or P_DOCUMENT_RO capabilities.
--
Ticket URL: <https://dev.laptop.org/ticket/3801>
One Laptop Per Child <https://dev.laptop.org>
OLPC bug tracking system
More information about the Bugs
mailing list