[OLPC Security] SuperUser permission for the Driver??

Benjamin M. Schwartz bmschwar at fas.harvard.edu
Thu Jun 26 12:29:36 EDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Deepak Saxena wrote:
| I agree with Paul that we need to have a solution to these
| cases iff we want to support running arbitrary software and
| hw combinations on the XO. The other option is to limit the
| scope of the system to a very specific set of sw and hw,
| treating the XO as embedded education appliance instead of
| a general-purpose laptop device, which I don't think
| we want to do.

That is _precisely_ what I want to do.

OLPC's goal is to distribute XOs to the poorest children in the world.
That means that in the category of electronics, the great majority will
have the XO and nothing else.  Peripherals are a rarity, an edge case.

There is a planned design to allow the user to grant extra privileges to
different Activities, but those privileges will probably never extend to
loading arbitrary kernel modules.  I have no problem declaring that anyone
who is modifying the kernel is a "developer", and should therefore get a
devkey and call modprobe themselves.

- --Ben
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkhjw/AACgkQUJT6e6HFtqQlSgCfbDujhumR3cmtT/MpEH8qQidC
cYEAn0atipCHDcuYjAIvS/E6IpxD0Ktb
=WJse
-----END PGP SIGNATURE-----


More information about the Security mailing list