[sugar] Initial Security Patches
Noah Kantrowitz
kantrn at rpi.edu
Tue Jul 31 23:02:55 EDT 2007
Dan Williams wrote:
> On Tue, 2007-07-31 at 21:45 +0200, Marco Pesenti Gritti wrote:
>
>> Hello,
>>
>> thanks for the explanation, it clarifies a lot of things.
>>
>> As I just said to Ivan and coderanger on irc we needs to be clear on
>> the actual goals for Trial-3. In particular I'd like to know:
>>
>> 1 Are we aiming to enable this by default for Trial-3
>>
>
> Yes. If activities in containers don't go into Trial 3, they will not
> get into FRS. They don't have to be locked down at all, just have
> activities launched in containers. We just have to figure out by
> Trial-3 if people can fix the bugs that come up. If they can't, we rip
> containers back out and re-evaluate the security position.
>
>
>> 2 Are we aiming at pushing one-instance-per-process for Trial-3
>>
>
> We may just end up whitelisting EToys and Browse as
> multiple-instance-per-process activities, and just accept that one
> Browse instance can interact adversely with all other instances. I
> don't think we've made that call concretely yet though we did discuss
> it on the train today.
>
This has always been the plan for the two of them AFAIK. When we
formalize the new launcher protocol, I intend to use Browse as the POC
of monolithic activities.
--Noah
More information about the Sugar
mailing list