On Fri, Mar 7, 2008 at 10:30 AM, Benjamin M. Schwartz
<[EMAIL PROTECTED]> wrote:
> | It is specifically design to allow countries (or schools) to create
> | customied builds *without* requiring OLPC to sign or approve their
> | changes.
>
> Right. I thought the solution was that each country w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
C. Scott Ananian wrote:
| On Fri, Mar 7, 2008 at 9:37 AM, Benjamin M. Schwartz
| <[EMAIL PROTECTED]> wrote:
|> It is difficult to comment on this without more detail on "USB
|> customization keys". My understanding was that such customization would
On Fri, Mar 7, 2008 at 9:37 AM, Benjamin M. Schwartz
<[EMAIL PROTECTED]> wrote:
> It is difficult to comment on this without more detail on "USB
> customization keys". My understanding was that such customization would
> be done once at the level of whole countries, that it would be restricted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Michael Stone wrote:
| It's completely unsafe to use the new USB customization keys to execute
| software located on-key or on-NAND because any opportunity for arbitrary
code
| execution as uid 0 represents a serious threat to our first-boot activation
Friends,
It's completely unsafe to use the new USB customization keys to execute
software located on-key or on-NAND because any opportunity for arbitrary code
execution as uid 0 represents a serious threat to our first-boot activation
security.
Since we appear to want to be able to customize imag
