Bitfrost and dual-boot

Jameson "Chema" Quinn jquinn at
Thu May 29 16:58:07 EDT 2008

> if you run everything as user olpc and user olpc can become root without a
> password, getting olpc is as good as getting root.

An arbitrary process running as user olpc should not be able to get root. My
impression is that it cannot, currently; am I wrong?

> not to mention the fact that you would need to audit every program to see
> what it will do with the data you feed it (if anything reads something from
> a file and then executes arbatrary commands based on it, you've lost)

If it switches to run as another user (or otherwise reduces its own
destructive capabilities) before doing so, not so. This is the principle
that Bitfrost is built on: ways to run untrusted code.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Devel mailing list