[sugar] Initial Security Patches
Michael Stone
michael at laptop.org
Tue Jul 31 13:02:53 EDT 2007
On Tue, Jul 31, 2007 at 11:24:55AM +0200, Marco Pesenti Gritti wrote:
> There are a couple of general issues related to the
> one-process-per-activity-instance approach.
>
> 1 Memory. Every activity process (even a trivial one) uses about 8 MB
> (Resident - Shared) currently.
We are intensely aware of this and are searching for solutions, both
temporary and long term. The temporary solution that we are going
forward with at the moment is to special-case python activities by
having Rainbow maintain a prototype python-activity process which it can
manipulate appropriately.
In the longer term, we seek better kernel tools for managing security
contexts and possibility of sharing between the processes inside them.
> 2 Activities lose the ability to provide services, which might be
> useful for direct interaction between activities. Ex. Write activity
> getting an image from the Camera activity.
Noah has thought more about this issue than I have, since he has been
working to improve our the state of our messaging security. In the mean
time, however, while I begin to ponder it, is there any list of
inter-activity relationships that already exist at the present time? Or
any discussion of proposed relationships?
> I'm not sure if they are blockers, but probably worth thinking about.
No argument that they're worth thinking about from me.
Michael
More information about the Sugar
mailing list