talex5 at gmail.com
Sun Aug 8 04:48:45 EDT 2010
On Wed, 04 Aug 2010 20:05:06 +0100, pbrobinson at gmail.com wrote:
> On Tue, Jul 6, 2010 at 5:02 PM, Benjamin M. Schwartz
> <bmschwar at fas.harvard.edu> wrote:
>> On 07/06/2010 11:51 AM, Bernie Innocenti wrote:
>>> Ok, I think the requirements for activity bundles could be:
>>> 1) Support multiple CPU architectures
>>> 2) Support multiple distros (and different versions of same distro)
>>> 3) Centralized build cluster (submit one source package, get multiple
>>> binary packages)
>>> 4) Support inter-bundle dependencies
>>> (e.g.: GCompris + voices, OOo4Kids + dictionaries)
>>> 5) Support activity <-> OS dependencies (e.g.: espeak for Speak,
>>> squeak for etoys...)
>>> 6) Work with any programming language (setup.py is python-centric)
>>> 7) Easy to learn for activity writers without too much distro-hacking
>>> These requirements would fit well both rpm and deb, with OpenSUSE
>>> Build Service or their native build clusters.
>> I think you are missing an important requirement: installation without
>> elevated permissions.
> PackageKit can already do that. There was a furore around 6 months ago
> when someone enabled it by default for Fedora.

I think that's a little different. Fedora allowed an unprivileged user to
install a package, but giving the package full privileges.

For 0sugar, I assume, the user is fully privileged (it's their machine);
it's the package that should be restricted, not the user.

This distinction has caused a lot of confusion in the past, and I've now
added a section to http://0install.net/injector-security.html to try and

I've also added a demonstration of using 0install for sandboxing, showing
how sandboxed processes can still share libraries (which doesn't happen
if you just create lots of separate RPM databases):

Hope that helps,

Dr Thomas Leonard http://0install.net
GPG: 9242 9807 C985 3C07 44A6 8B9A AE07 8280 59A5 3CC1