#10149 NORM Not Tri: XO 1.5 olpc-update on a WP (security enabled) machine
Zarro Boogs per Child
bugtracker at laptop.org
Wed May 5 14:03:47 EDT 2010
#10149: XO 1.5 olpc-update on a WP (security enabled) machine
--------------------------+-------------------------------------------------
Reporter: reuben | Owner: cjb
Type: defect | Status: new
Priority: normal | Milestone: Not Triaged
Component: not assigned | Version: not specified
Keywords: | Next_action: never set
Verified: 0 | Deployment_affected:
Blockedby: | Blocking:
--------------------------+-------------------------------------------------
I have not tested this but from what I understand looking at the source it
looks like someone using a secure xo 1.5 could olpc-update to an unsigned
build without any warning. This would then prevent the end user from being
able to boot until they have reflashed with a signed image.
This raises a larger question: Should an olpc-update server be defined or
should it be an option that deployments define when creating their own
custom image?
My concern is smallish deployments that create a custom image, an image
that includes additional RPMs. Unless the smallish deployment maintains
and specifies an update server, all customizations would be lost after an
olpc-update against our update server.
--
Ticket URL: <http://dev.laptop.org/ticket/10149>
One Laptop Per Child <http://laptop.org/>
OLPC bug tracking system
More information about the Bugs
mailing list