[OLPC-devel] OLPC "bootloader"
ksankar at gte.net
Sun Jun 25 12:10:55 EDT 2006
We need to drill down a bit on this and make sure the mechanisms are bulletproof. As you know, one of the pushbacks is that the OLPCs could be used as a set of massive bots.
I assume we do not plan to load arbitrary code and the runtime feature set is bound. But the wireless load would be one point where there is the vulnerability for arbitrary code.
What are you thinking of in terms of the security mechanics/protocols? Any links to look at? As you said, we should have the security features from Day 1, and yes, for functional completeness et al., we can bypass it, but that shouldn't be available in the final system. I would like to make sure (like all of us) that we have the security sandbox in place from the very beginning, including, if necessary, an SELinux-lite. Unfortunately we will have to spend some CPU cycles on security, and that is just a reality.
>>Jim Gettys wrote:
>> Whether we have to deal with it on our first day, is a different
>Well, the beauty of this system we are using (runs on Linux, but comes
>from Plan 9) is that security is pretty good on the first day. So we can
>run without it for test, if we wish, but turning it on is easy.