#5657 NORM 8.2.0 (: Rainbow should check that loophole'd activities come from /usr/share/activities.
Zarro Boogs per Child
bugtracker at laptop.org
Tue Aug 26 10:58:42 EDT 2008
#5657: Rainbow should check that loophole'd activities come from
/usr/share/activities.
----------------------+-----------------------------------------------------
Reporter: cscott | Owner: homunq
Type: defect | Status: new
Priority: normal | Milestone: 8.2.0 (was Update.2)
Component: sugar | Version:
Resolution: | Keywords: security rainbow-integration, r-, blocks-:8.2.0
Next_action: review | Verified: 0
Blockedby: | Blocking:
----------------------+-----------------------------------------------------
Changes (by marco):
* keywords: security rainbow-integration, r?, blocks-:8.2.0 => security
rainbow-integration, r-, blocks-:8.2.0
Comment:
The patches needs some work.
sugar-toolkit patch:
I don't like to make activitybundle depend on the factory. I'd prefer to
make loopholed a property of ActivityBundle. It's a bit involved because
it requires to pass it through dbus. Otherwise it would be probably fine
to just move the list to ActivityBundle and have the factory import it.
Also my understanding is that Sugar will always perform the security
check, if I'm not mistake then there is no need for the additional arg to
install for now.
sugar patch:
Let's do the check in activityregistryservice AddBundle, it's the only
method that exposes this outside the shell. Do not hardcode ~/Activities,
check the whole activities path (_get_activities_directories in
bundleregistry). You could add a check_activity_path in the registry or
something.
--
Ticket URL: <http://dev.laptop.org/ticket/5657#comment:23>
One Laptop Per Child <http://laptop.org/>
OLPC bug tracking system
More information about the Bugs
mailing list