On Thu, 29 May 2008, C. Scott Ananian wrote: > On Thu, May 29, 2008 at 6:03 PM, Michael Stone <[EMAIL PROTECTED]> wrote: >> On Thu, May 29, 2008 at 05:53:49PM -0400, Michael Stone wrote: >>> On Thu, May 29, 2008 at 02:58:07PM -0600, Jameson Chema Quinn wrote: >>> In recent builds, any process running as user OLPC can execute code as >>> uid 0 via the setuid-0 user-olpc-executable /usr/bin/sudo. >> >> A small correction: in recent builds, /bin/su is 04550 root/wheel, user >> olpc is a member of wheel, and /usr/bin/sudo is a thin wrapper around >> /bin/su. > > And to elaborate: the idea is that untrusted code should not be > running as the 'olpc' user: 'olpc' is a trusted account. Activities > run/should be running as their own unique UUIDs, which are isolated > from the olpc account.
so a python program written by the owner of the laptop won't run as user olpc? what if they write it in the terminal activity using vi? David Lang _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
