[OLPC Security] Please review the Security section in the Developer's Handbook

reynt0 reynt0 at cs.albany.edu
Thu Dec 20 18:08:22 EST 2007


I am a new lurker on this list, as I am learning about the
nice OLPC.  I have some suggested edits, but as a newbie
do not want just to jump into the wiki, so I am posting
them here to the list, for you folks to use or not as you
wish.

My suggestions follow the snipped quote of MCF.

Cheers.

On Wed, 19 Dec 2007, Mike C. Fletcher wrote:
  . . .
> The section is here:
>    http://wiki.laptop.org/go/Developers/Issues#Security
  . . .

**********Suggestions*****************************:

1.  [1st paragraph of "Security" section presently is:]

Your activities will have to work within the OLPC Bitfrost security 
system. Bitfrost is a rather intrusive approach to security from the 
developer's perspective (while to the user it is quite transparent). This 
is by design. To work within Bitfrost you will often need to consider the 
security ramifications of what you are doing.

[Suggested revision replaces "activities" which can be equivocal, and 
structures the second sentence in a simpler linear form which may be 
clearer:]

Your code product will have to work within the OLPC Bitfrost security 
system. While to the user it is quite transparent, from the developer's 
perspective Bitfrost is a rather intrusive approach to security. This is 
by design. To work within Bitfrost you will often need to consider the 
security ramifications of what you are doing.


2.  [Within the "Restriction Summary" section presently is the line:]

constrain all file-writing to the ${SUGAR_ACTIVITY_ROOT}

[I am not familiar with the system, so I cannot suggest a revision.
But I think it is worth mentioning that "constrain" is used by people
sometimes in ways which actually have opposite meanings, and it is good
always to be explicit about what is meant.  Here, is it meant that (i) all 
file-writing is constrained to be *only* to the ${SUGAR_ACTIVITY_ROOT},
or that (ii) all file-writing is constrained *not ever* to be to the
${SUGAR_ACTIVITY_ROOT}?  Since it says "ROOT", I guess (ii), which
would make a suggested revision be "constrain all file-writing so
it never is to the ${SUGAR_ACTIVITY_ROOT}", but I do not know.]
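As an added example (not from this post or from the OLPC handbook) of what the quoted restriction looks like in code under reading (i), file-writing allowed only beneath ${SUGAR_ACTIVITY_ROOT}: a small Python check that resolves symlinks and ".." before comparing against the root, so that a path which merely starts with the root's name, or a symlink planted inside the root, is still refused. The activity-root directory and the symlink are constructed in a temp directory for the demo; the function names are hypothetical.

```python
import os
import tempfile


def activity_root():
    """Read the activity root Sugar exports to a running activity.
    Assumption: SUGAR_ACTIVITY_ROOT is set in the environment."""
    root = os.environ.get("SUGAR_ACTIVITY_ROOT")
    if not root:
        raise RuntimeError("SUGAR_ACTIVITY_ROOT is not set")
    return os.path.realpath(root)


def is_within_root(path, root=None):
    """True only if `path`, after resolving symlinks and '..', lies under `root`.
    Comparing resolved paths with commonpath() avoids the classic prefix
    mistake where '/root-evil/x' passes a startswith('/root') test."""
    root = os.path.realpath(root) if root else activity_root()
    target = os.path.realpath(path)
    return os.path.commonpath([root, target]) == root


def open_for_write(path, root=None):
    """Open for writing, refusing anything that escapes the activity root."""
    if not is_within_root(path, root):
        raise PermissionError("refusing to write outside activity root: %s" % path)
    return open(path, "w")


def demo():
    """Constructed scenario: a temp dir stands in for the activity root and
    contains a symlink ('escape') pointing to a directory outside it."""
    outside = tempfile.mkdtemp(prefix="outside-")
    root = tempfile.mkdtemp(prefix="activity-root-")
    os.symlink(outside, os.path.join(root, "escape"))
    return {
        # ordinary file under the root: allowed
        "plain": is_within_root(os.path.join(root, "data", "notes.txt"), root),
        # '..' climbing out of the root: refused
        "dotdot": is_within_root(os.path.join(root, "..", "etc", "passwd"), root),
        # write through a symlink that resolves outside the root: refused
        "symlink": is_within_root(os.path.join(root, "escape", "x.txt"), root),
        # sibling directory whose name starts with the root's name: refused
        "prefix_trick": is_within_root(root + "-evil/x.txt", root),
    }
```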

