[OLPC Security] Bitfrost vs. Rainbow

Toby Murray toby.murray at comlab.ox.ac.uk
Mon Mar 31 21:12:51 EDT 2008


Hi,

I'm writing to enquire about the differences (if any) between the
Bitfrost ideals and the Rainbow implementation.

In particular, the original Bitfrost documentation (e.g. [1]) suggests
that it would be implemented using the VServer to control filesystem
visibility etc.

However, a quick look at relevant Rainbow docs (specifically [2])
indicate that Rainbow might be implemented using only the standard Linux
DAC mechanisms -- essentially, very similar to the Polaris design[3].

Some more specific questions:

 - Does Rainbow use chroot?
 - If so, how does its filesystem protections go beyond what Plash [4]
offers?
 - In particular, Plash has some (or is close to providing) support for
copy-on-write access, which is hinted at in [2].

Any info would be great.

Finally, were one interested in hacking on Rainbow, what is an ideal
development environment for doing so? (Particularly for someone without
access to an XO).

Many thanks,

and cheers to all of those involved here. OLPC, and its security
model/architecture, are nothing if not the most successful vehicle by
which "least authority" has been sold to an otherwise apathetic
audience. Kudos.

Toby

[1] http://cups.cs.cmu.edu/soups/2007/proceedings/p132_krstic.pdf
[2]
http://dev.laptop.org/git?p=users/mstone/security;a=blob;f=rainbow.txt;hb=HEAD 
[3] http://www.hpl.hp.com/techreports/2004/HPL-2004-221.html 
[4] http://plash.beasts.org/wiki/



More information about the Security mailing list