When I give my phone away I'm not only concerned about what this user can do, but rather what the applications that he will install can do. In this case starting a container would give you greater protection than just creating a new user. So yes, maybe containers could be a good technology to implement this.
"Not Umbrella Containers" operate under the assumption that we all failed - that there is a hole and a malicious application can use it to do stuff. NUC would place a concrete wall between the private and business environments, so malicious apps still can do stuff but only in one environment. That is the use case we are concentrating on. The main threat for the security of the user is the user himself. I would accept any set of permissions just to get this Tree Climbing Game I long, but at least I wouldn't imperile my business data. Thanks, Jan -----Original Message----- From: Jarkko Sakkinen [mailto:[email protected]] Sent: Tuesday, March 11, 2014 11:33 AM To: MyungJoo Ham Cc: Schaufler, Casey; Jan Olszak; [email protected] Subject: Re: [Dev] Linux Containers on Tizen On Tue, Mar 11, 2014 at 01:56:33AM +0000, MyungJoo Ham wrote: > Not related with multi-user project at least for now. It is an > independent project and it does not assume that the two domains > have different users. In thhe first mail there was a use case where you would give your phone or tablet to your child. Should multi-user address the same use case or not? The main difference I see with multi-user and this is that: 1. Multi-user is a feature and proper technologies are chosen to implement it. 2. Containers (not that well defined umbrella term for linux namespaces and cgroups when you combine them) is a technology. You might use parts of it for implementing features such as multi-user support. With my limited knowledge of this effort it really looks like as someone was climbing feet first into the tree. /Jarkko _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
