[OLPC Security] olpc security - wetware issues
Simson Garfinkel
simsong at acm.org
Thu Feb 8 22:56:00 EST 2007
On Feb 8, 2007, at 7:03 PM, alien wrote:
>
> You raise a good point-- the first step would be to decide what would
> be important to log in this environment. Off the top of my head, you
> might want to track who has logged in and out, when programs were
> installed, when updates were applied, perhaps unusual uses of
> privilege, account creation/deletion or when/by whom shared files were
> accessed. What do you think?
I think that you don't quite understand what we are building or the
target audience.
People do not log in or out of these laptops.
There is no account creation or deletion right now. Eventually there
will probably be support for two people using the same laptop, but I
haven't seen a spec so far. (Ivan?)
What do you mean, "unusual uses of privilege?"
Yes, it is useful to keep when the programs were installed, but this
will probably be on a page that just shows the programs.
It seems to me that you keep thinking of this computer as "unix
computer for the masses." That's not what's being built.
>
> Certainly at a minimum, I imagine reviewing who has logged into the
> system is a good start and a concept that any child should be able to
> understand.
What do you mean, "logged into the system?"
Put it this way: let's say we were talking about a cell phone, not a
computer. How would you show the people who had logged into the cell
phone?
More information about the Security
mailing list