kkr wrote:
Le jeudi 01 mars 2007 à 09:48 -0600, Jonathon Suggs a écrit :
<snip>
Isn't this something along the lines of SELinux? If that is the case,
is that something we should look at implementing?
<snip>
As I understood SELinux, it would be a good tool for security.
Many (or most) other (close) Linux phone use SELinux to (successfully)
block hacker who want to free their phone. But if we use it for our
interest, I feel, it would be fine.
But if a user doesn't want to think about the problem of security, as
he will download anything from everywhere (binary from untrusted
source), he will simply switch off SELinux in a way of making working
his new (downloaded) application...
As I remember, with Fedora Core 6 (which use SELinux), when I've
installed some application from official repository, some application
doesn't work because the policy of SELinux is not, or badly implemented
for them. So, I did have the chose to:
- write by myself a new SELinux policy (but I do not have enough skill
to do that)
- disable SELinux to use it
- not use it
So, if I've chose to wait an update of the SELinux policy, I guess, some
users would simply chose to disable SELinux...
We can do nothing for users which doesn't care about security concern,
except trying to educated them... Or simply don't care about their
problem.
Regards,
_______________________________________________
OpenMoko community mailing list
[email protected]
http://lists.openmoko.org/mailman/listinfo/community
Good points. The goal is usability. We shouldn't have to make the
device bend to our will...it should behave naturally as one would
expect. Having end users even think of what a SELinux policy is 100%
wrong. First because they don't necessarily need to know about it.
Two, some/most won't comprehend what it is or why then need/want it.
Third, when given your three options I would guess there are only two
solutions. One is have a nasty enough dialog "Doing this WILL cause
your phone to explode, don't do it" and they won't use the software and
be confused. The other is that they just disable SELinux (or whatever
security/preventative measure) and install the software.
Designing software is hard. Making it user friendly is hard.
Preventing users from doing dumb things is hard. Then throw into the
mix trying to design a system that will protect against poorly written
software or malicious software and things get really hard. But that is
why we are discussing this...trying to figure out a solution.
That said, is SELinux a good thing to look into for OpenMoko? What are
the difficulties? How does that affect the developers?
Keep the dialog going.
_______________________________________________
OpenMoko community mailing list
[email protected]
http://lists.openmoko.org/mailman/listinfo/community
