On Thu, 26 Jun 2008, Deepak Saxena wrote:
> On Jun 25 2008, at 14:01, Carl-Daniel Hailfinger was caught saying:
>> On 25.06.2008 08:07, Michael Stone wrote:
>>> We have an activity that wants superuser privilege in order to poke
>>> kernel memory.
>>>
>>
>> Hello? Please take the poor activity out back and shoot it. No activity
>> has any business poking kernel memory.
>
> What if I replace Michael's statement with some specific use cases:
>
> - An activity requires a specific device driver module to be (un)loaded
>   to properly function and loading this driver requires su privilege.
>
> or:
>
> - An activity requires a device to switch operation modes and that
>   operation mode is configured via a sysfs file. The file is poked
>   by a library API, but it requires su privilege to do so.
>
> I agree with Paul that we need to have a solution to these
> cases iff we want to support running arbitrary software and
> hw combinations on the XO. The other option is to limit the
> scope of the system to a very specific set of sw and hw,
> treating the XO as an embedded education appliance instead of
> a general-purpose laptop device, which I don't think
> we want to do.

It can be a general purpose laptop. And we need not surrender our
common sense: if we want the thing to be better, it will have to be
different. In particular, it cannot have kernel modules promiscuously
loaded and unloaded. Thus not all software will run on the laptop.
But that is already the case for the most widely distributed home
systems: a Microsoft program will not run on GNU/Linux, an Apple
program will not run on a Microsoft OS, etc.

>
> I don't have any immediate answers to any of Michael's questions
> but I think looking at how the standard distros deal with this
> would be a starting point.
>
> ~Deepak

The usual free Unices' security apparatus is ludicrously inadequate.
The XO system should be much better.

oo--JS.
>
> --
> Deepak Saxena <[EMAIL PROTECTED]>
> _______________________________________________
> Security mailing list
> [EMAIL PROTECTED]
> http://lists.laptop.org/listinfo/security
>
_______________________________________________
Devel mailing list
Devel@lists.laptop.org
http://lists.laptop.org/listinfo/devel