owner id in .sugar/default/

Hal Murray hmurray at megapathdsl.net
Wed May 16 17:37:47 EDT 2007

> I don't think that this plan can work well: it's the key for
> (re)storing the backup. Without it, it's impossible to know which
> backup to restore / to decrypt the backup :-) (Depending of what
> kind of key it is..) 

There is also the case of a laptop getting badly broken (run over by a truck) 
so the student gets a new one.  Or the laptop just dies... (a few of them 
will do that)

That feels like the tip of a security iceberg.  Somebody has to be able to 
authorize access to data on the server without the appropriate key, including 
getting the key.

I don't think that's anything new from the computer security standpoint.  You 
have to trust your sysadmin.  The interesting part for OLPC will be bringing 
the local sysadmins up to speed on security.

These are my opinions, not necessarily my employer's.  I hate spam.

More information about the Devel mailing list