[OLPC Security] Please read the spec and the discussion first, thanks. Was: Re: A mom's worries
Adric Net
adric at adric.net
Fri Nov 30 00:31:01 EST 2007
Hi,
Please read the spec, the wiki discussion page, and the previous posts
to this list before trying to discuss perceived flaws in the system
that is being built. http://wiki.laptop.org/go/BitFrost , http://wiki.laptop.org/go/Talk:Bitfrost
, and http://lists.laptop.org/pipermail/security/, respectively.
Discussion of weaknesses in standard Linux or UNIX systems are not
necessarily applicable to the OLPC Bitfrost platform. Also, the spec
is not fully implemented in the software, but the spec makes pretty
clear what features are intended.
An example:
> But any infected activity gets access to system resources in the same
> way as the
> "host" user. Last time I checked, rainbow/service.py didn't do
> anything special
> to try and really hunt-down any background processes created by an
> activity,
> so to say that the spam-bot (or any other unintended malware-type-
> thing)
> dies when the activity gets cleaned up is horribly misleading.
Since, as you acknowledge earlier, each Activity is started in it's
own UID, then it is trivial to make sure that all processes started by
that user and all of their children die when the Activity is
terminated, eg `slay 1003`. So, pointing out that 'weakness' is not
particularly helpful, but submitting a patch that adds that command to
activity tear-down might be.
Similarly, discussion of spamming is hopefully mitigated by the
default network rate limiting and cpu usage limiting of the platform.
If you see weakness in this plan that are not already discussed,
please share. Or submit patches :)
Thanks,
Adric Net
More information about the Security
mailing list