When I think about it, I realize that it is important
that the device is secure to use on a network.
Someday the Openmoko devices will support stuff
like Flash, Java, JavaScript and much more. When
this device connects to the Internet, and the client
on the device runs as an unprivileged user, the
security risks are dramatically reduced.

The user's data can be divided into two categories:
normal and sensitive. The sensitive data can be
protected in some way (only accessible to the
superuser or in an encrypted place).

What about the 4-user model:
root:
 - only for root stuff
superuser:
 - for accessing sensitive/personal data
 - may be encrypted
normal:
 - the normal user mode
nobody:
 - restricted
 - cannot run sudo
 - cannot do any harm to the system
 - no direct hardware access
 - cannot access sensitive data
 - should be used for untrusted things
    (games & network)

If the device owner wants less security, they can
just log in as superuser or even root.

With this kind of setup, the freedom of choice
belongs to the user.

_______________________________________________
Openmoko community mailing list
community@lists.openmoko.org
http://lists.openmoko.org/mailman/listinfo/community
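
An added example, not part of the original post: one way to audit the restricted "nobody" rules from the list above (no sudo, no direct hardware access, no access to sensitive data) against account data. The passwd/group excerpts are constructed, and the forbidden group names and the `audit` helper are assumptions for illustration.

```python
# Constructed /etc/passwd and /etc/group excerpts (not from a real device).
PASSWD = """\
root:x:0:0::/root:/bin/sh
superuser:x:1000:1000::/home/superuser:/bin/sh
normal:x:1001:1001::/home/normal:/bin/sh
nobody:x:65534:65534::/nonexistent:/bin/sh
"""
GROUP = """\
sudo:x:27:superuser
audio:x:29:normal,nobody
dialout:x:20:normal
superuser:x:1000:
normal:x:1001:
nogroup:x:65534:
"""
# Assumed policy: groups that grant sudo or direct hardware access.
FORBIDDEN = {"sudo", "wheel", "audio", "video", "dialout", "disk"}

def parse(text):
    return [line.split(":") for line in text.splitlines() if line.strip()]

def identity(user, passwd_text, group_text):
    """Return (uid, primary gid, {group name: gid}) for user."""
    uid, gid = next((int(f[2]), int(f[3])) for f in parse(passwd_text) if f[0] == user)
    groups = {f[0]: int(f[2]) for f in parse(group_text)
              if int(f[2]) == gid or user in f[3].split(",")}
    return uid, gid, groups

def effective_bits(uid, gids, owner_uid, owner_gid, mode):
    """rwx bits that apply: owner class, else group class, else other (ACLs ignored)."""
    if uid == owner_uid:
        return (mode >> 6) & 7
    if owner_gid in gids:
        return (mode >> 3) & 7
    return mode & 7

def audit(user, owner, mode, passwd_text=PASSWD, group_text=GROUP):
    """List violations of the restricted-account rules for a sensitive path."""
    uid, gid, groups = identity(user, passwd_text, group_text)
    owner_uid, owner_gid, _ = identity(owner, passwd_text, group_text)
    problems = [f"member of {g}" for g in sorted(groups.keys() & FORBIDDEN)]
    if uid == 0:
        problems.append("uid 0")
    gids = set(groups.values()) | {gid}
    bits = effective_bits(uid, gids, owner_uid, owner_gid, mode)
    if bits:
        problems.append(f"sensitive path bits {bits:03b}")
    return problems
```

In the constructed data, "nobody" was left in the audio group, so the audit flags it; a sensitive path with mode 0755 is flagged as well, while 0700 is not.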
