[OLPC Security] User-created activities and upgrades
Benjamin M. Schwartz
bmschwar at fas.harvard.edu
Sat Dec 22 15:44:38 EST 2007
C. Scott Ananian wrote:
> Let's start by implementing the single-user case.
That's reasonable.
> We can worry about user groups later.
I like to have a design laid out as early as possible, even if it's not to be
implemented immediately.
> (Why not just give the group access to the signing
> key?)
I presume you mean to generate a new signing key for each new activity, and keep
the same key for all subsequent versions? The problem is, what if the
development team splits, and each continues to develop the activity using the
same signing key? In that case, only one fork may be installed at any time.
Each fork may claim to be an upgrade from the other's releases. If I have Emacs
installed, and I join a shared XEmacs session, my installed copy of Emacs could
be deleted automatically and replaced by XEmacs.
That would be annoying.
--Ben
More information about the Security
mailing list