I'm assuming that the data would only go one way. In that case, the permission would be, an app without P_NETWORK would not be able to request opening of apps with P_NETWORK. No new permissions needed, just careful attention to the ones we have.<br>
<br><div class="gmail_quote">On Fri, Apr 11, 2008 at 7:53 AM, Eben Eliason <<a href="mailto:eben.eliason@gmail.com">eben.eliason@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div></div><div class="Wj3C7c">On Fri, Apr 11, 2008 at 9:45 AM, Benjamin M. Schwartz<br>
<<a href="mailto:bmschwar@fas.harvard.edu">bmschwar@fas.harvard.edu</a>> wrote:<br>
> -----BEGIN PGP SIGNED MESSAGE-----<br>
> Hash: SHA1<br>
><br>
><br>
><br>
> Eben Eliason wrote:<br>
> |> > 3. Need easy way to group links to activities, such as in a lesson<br>
> |> > plan.<br>
> |> ><br>
> |> > Use Case:<br>
> |> > Kid reads through geometry tutorial and clicks on first activity<br>
> which<br>
> |> > opens up Dr. Geo. After finishing w/ Dr. Geo he does some more<br>
> reading<br>
> |> > in the tutorial and then clicks on a second link which opens up a<br>
> |> > related GCompris activity.<br>
> |> ><br>
> |> > We need a way to launch different activities from within a graphical<br>
> |> > context, e.g. a tutorial. HTML is the most practical way to do this.<br>
> I<br>
> |> > know there are issues w/ Rainbow and activities calling other<br>
> activities<br>
> |> > but this is very important to the learning process.<br>
> |><br>
> |> Interesting, would like to know what Eben thinks about it.<br>
> |<br>
> | This is an interesting idea, and one I don't really have a direct<br>
> | solution for, at present. One potential option, and perhaps the most<br>
> | interesting, is also a fair bit of work. It entails adding a bitfrost<br>
> | permission (does it already have one?) akin to P_EXEC or something<br>
> | similar, which allows an activity to make a request to the shell to<br>
> | launch another activity, passing it a URI (could be a file, could be a<br>
> | URL, etc) and having it ask the user to confirm the action. With such<br>
> | an approach, any activity that wanted could embed links to other<br>
> | activities, or to web sites. If we build this into the shell, and<br>
> | offer it as a permission, I don't believe that it will pose any<br>
> | security problems*.<br>
> |<br>
> | * I could be very wrong, though.<br>
><br>
> IMHO, the best solution is the one already used by Browse in the case of<br>
> PDF downloads. The files are downloaded, and then the Journal is asked to<br>
> present the user with information about the item and the option to launch<br>
> it. This is akin to how most modern browsers handle media files that will<br>
> launch outside the browser. They present a window saying "You are<br>
> downloading a file of type "PDF". Would you like to open it using<br>
> "Document Viewer"?" They also offer a drop-down list of alternative<br>
> applications.<br>
><br>
> Letting the Journal handle all open requests improves usability, in my<br>
> view, by ensuring that the user can always postpone an opening action, or<br>
> choose an alternative handler. I also think it improves security, by<br>
> avoiding a number of potential DoS, privilege escalation, and information<br>
> disclosure (e.g. #6837, #6838) problems.<br>
<br>
</div></div>In case I was unclear, that is just the kind of thing I was<br>
suggesting. I think that the shell should expose a "launcher"<br>
service, which will do just the kinds of things you mention here. The<br>
UI would all be handled by the shell, not the activity making the<br>
request. Perhaps if it's always done this way through the shell<br>
service, we don't even need a permission.<br>
<font color="#888888"><br>
- Eben<br>
</font><div><div></div><div class="Wj3C7c">_______________________________________________<br>
Sugar mailing list<br>
<a href="mailto:Sugar@lists.laptop.org">Sugar@lists.laptop.org</a><br>
<a href="http://lists.laptop.org/listinfo/sugar" target="_blank">http://lists.laptop.org/listinfo/sugar</a><br>
</div></div></blockquote></div><br>