hi, what is the use of file : /etc/olpc-security ?
___
Devel mailing list
Devel@lists.laptop.org
http://lists.laptop.org/listinfo/devel
On 17.02.2010, at 14:58, Esteban Arias wrote:
hi, what is the use of file : /etc/olpc-security ?
When /etc/olpc-security exists, Sugar uses Rainbow to isolate activity instances
from each other. This is one of the XO's security features. See
http://wiki.laptop.org/go/Rainbow
- Bert
A typical solution is, when you are about to start the process, invoke a
different (very small, so it can be audited) process that can set what
you need as root, and then drop the privileges before execing the real
image that does the work.
But Michael may have something else in mind for Rainbow.
yes, I suppose that can be done, but it does look a little messy,
and it would be nice to be able to write activities that transparently
can do this, rather than as special cases.
It does not need to be root. I can set permissions for user olpc and
it works (provided that limits.conf is edited
On Fri, Aug 1, 2008 at 5:01 PM, Jameson Chema Quinn
[EMAIL PROTECTED] wrote:
Problem: anything named Journal, Terminal, Log, or Analyze is not
isolated. This is the biggest security hole we have right now: it is a
trivial way for any activity to get root access.
Another possible short-term
On Fri, Aug 1, 2008 at 4:01 PM, C. Scott Ananian [EMAIL PROTECTED] wrote:
On Fri, Aug 1, 2008 at 5:01 PM, Jameson Chema Quinn
[EMAIL PROTECTED] wrote:
Problem: anything named Journal, Terminal, Log, or Analyze is not
isolated. This is the biggest security hole we have right now: it is a
On Thu, 26 Jun 2008, Deepak Saxena wrote:
On Jun 25 2008, at 14:01, Carl-Daniel Hailfinger was caught saying:
On 25.06.2008 08:07, Michael Stone wrote:
We have an activity that wants superuser privilege in order to poke
kernel memory.
Hello? Please take the poor activity out back and
On Thu, 26 Jun 2008, Benjamin M. Schwartz wrote:
Deepak Saxena wrote:
| I agree with Paul that we need to have a solution to these
| cases iff we want to support running arbitrary software and
| hw combinations on the XO. The other option is
I would like to see the link for requesting a developer key made much
more prominent in the library.
I'd like to see the pathname to downloading the key itself much more
prominent (and displayed in a larger point size) on the webpage
returned after the request is granted. For those of us with
The two issues that I am concerned about regarding the write protect
flag with regards to G1G1:
1 - I thought requiring signed images was part of our Bitfrost
security. Doesn't it provide some protection from malicious images?
Assuming we get to the point where upgrading is an easy click from the
Kim Quirk [EMAIL PROTECTED] writes:
[...] Finally, I agree with Scott, that the easiest thing we can do
in the short term is to make the 'get a developer key' more
prominent for those who want to find it. [...]
Taking away the 24 hour delay between key request and response could
help solve
On Thu, 5 Jun 2008, Kim Quirk wrote:
1 - I thought requiring signed images was part of our Bitfrost
security. Doesn't it provide some protection from malicious images?
Assuming we get to the point where upgrading is an easy click from the
G1G1 machine, then we want to be sure that people
SJ wrote:
I continue to be uncomfortable that we are sending out restricted /
locked-down machines without a clear need. The arguments made so far for
this are
1. Getting G1G1 people to test security steps
2. Protecting G1G1 donors from installing anything but signed builds
3.
On Tue, 3 Jun 2008, C. Scott Ananian wrote:
. . .
The original reason is that it allowed our G1G1 users to more fully
exercise/test our secure boot paths, which are used in our deployment
countries. This helps G1G1 users be more representative testers, and
. . .
I'm a G2G2. Among my
On Wed, Jun 4, 2008 at 12:15 AM, Paul Fox [EMAIL PROTECTED] wrote:
SJ wrote:
I continue to be uncomfortable that we are sending out restricted /
locked-down machines without a clear need. The arguments made so far for
this are
1. Getting G1G1 people to test security steps
2.
On Wed, Jun 4, 2008 at 9:20 PM, reynt0 [EMAIL PROTECTED] wrote:
I also want to be able to examine the XO as thoroughly as
possible from my own (USA, educated, experienced, and so
on) perspective. In that regard, FWIW I found the various
infos I later could find from olpc a bit unclear or even
On Tue, Jun 3, 2008 at 12:07 PM, ffm [EMAIL PROTECTED] wrote:
Why were G1G1 machines shipped with firmware, kernel, and reflash locks
enabled? (see http://wiki.laptop.org/go/Developer_keys )
Theft is not a good reason, as they do not require activation leases.
It only seems to be a bother
On Tue, Jun 3, 2008 at 12:43 PM, Bert Freudenberg [EMAIL PROTECTED] wrote:
On 03.06.2008, at 18:33, ffm wrote:
On Tue, Jun 3, 2008 at 12:29 PM, C. Scott Ananian
[EMAIL PROTECTED] wrote:
Machines sent out via our developer program are always shipped out
unsecured.
Yet I've just received two
On 30.05.2008 08:34, Albert Cahalan wrote:
On Fri, May 30, 2008 at 1:15 AM, Edward Cherlin [EMAIL PROTECTED] wrote:
On Thu, May 29, 2008 at 8:45 PM, Albert Cahalan [EMAIL PROTECTED] wrote:
On Thu, May 29, 2008 at 5:07 PM, Edward Cherlin [EMAIL PROTECTED] wrote:
Also, I think
On Tue, Jun 3, 2008 at 12:29 PM, C. Scott Ananian [EMAIL PROTECTED] wrote:
Machines sent out via our developer program are always shipped out
unsecured.
Yet I've just received two laptops via said program that had security
enabled.
-FFM
Developer program laptops are shipped out as US/International
keyboards, English language, AK flag set, which means they do NOT need
activation. They are permanently activated in the manufacturing data.
The only thing they need to be a developer unit is a developer key.
One more reason to add to
I continue to be uncomfortable that we are sending out restricted /
locked-down machines without a clear need. The arguments made so far for
this are
1. Getting G1G1 people to test security steps
2. Protecting G1G1 donors from installing anything but signed builds
3. Showing a pretty boot
Shipping G1G1 machines with NAND reflash locks enabled makes little
sense to me. What good is protection against malicious reflash when any
attacker who can perform a reflash has physical access to the device and
has password-free root access in default configurations?
Instead, the justification
On 30.05.2008, at 19:38, C. Scott Ananian wrote:
In any case, the best response is clear: continue to work on the Linux
software stack and ensure that it is simply better than the Windows
alternative. I've heard a lot of sturm und drang, but am saddened
that I haven't seen much help from
On 30.05.2008, at 07:33, [EMAIL PROTECTED] wrote:
On Thu, 29 May 2008, C. Scott Ananian wrote:
On Thu, May 29, 2008 at 6:03 PM, Michael Stone [EMAIL PROTECTED]
wrote:
On Thu, May 29, 2008 at 05:53:49PM -0400, Michael Stone wrote:
On Thu, May 29, 2008 at 02:58:07PM -0600, Jameson Chema
On 5/30/08, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
On Thu, 29 May 2008, C. Scott Ananian wrote:
And to elaborate: the idea is that untrusted code should not be
running as the 'olpc' user: 'olpc' is a trusted account. Activities
run/should be running as their own unique UUIDs, which are
On 5/30/08, Albert Cahalan [EMAIL PROTECTED] wrote:
I can't imagine that a contract would mention it.
It does. The Windows-only trials are phase I, and the dual-boot
phase II is explicitly spelled out, with transition criteria to move
to phase II related to the completion of OFW2. We raised
On Thu, May 29, 2008 at 05:53:49PM -0400, Michael Stone wrote:
On Thu, May 29, 2008 at 02:58:07PM -0600, Jameson Chema Quinn wrote:
In recent builds, any process running as user OLPC can execute code as
uid 0 via the setuid-0 user-olpc-executable /usr/bin/sudo.
A small correction: in recent
On Thu, May 29, 2008 at 6:03 PM, Michael Stone [EMAIL PROTECTED] wrote:
On Thu, May 29, 2008 at 05:53:49PM -0400, Michael Stone wrote:
On Thu, May 29, 2008 at 02:58:07PM -0600, Jameson Chema Quinn wrote:
In recent builds, any process running as user OLPC can execute code as
uid 0 via the
On Fri, May 30, 2008 at 12:39 AM, C. Scott Ananian [EMAIL PROTECTED]
wrote:
On Thu, May 29, 2008 at 6:03 PM, Michael Stone [EMAIL PROTECTED] wrote:
On Thu, May 29, 2008 at 05:53:49PM -0400, Michael Stone wrote:
On Thu, May 29, 2008 at 02:58:07PM -0600, Jameson Chema Quinn wrote:
In recent
On Thu, May 29, 2008 at 7:31 PM, Bobby Powers [EMAIL PROTECTED] wrote:
On Fri, May 30, 2008 at 12:39 AM, C. Scott Ananian [EMAIL PROTECTED] wrote:
* Windows runs from an SD card, but there is not much space left on
that SD card to store user files. User files are stored in NAND at
the
Microsoft either will or won't use the NAND for its own purposes. However a
third option beyond the dual boot or engulf and devour choices so far
described, for a deployment that is more school-centric and less oriented
toward laptop autonomy than the OLPC vision, would be to use network file
On Thu, 29 May 2008, C. Scott Ananian wrote:
On Thu, May 29, 2008 at 6:03 PM, Michael Stone [EMAIL PROTECTED] wrote:
On Thu, May 29, 2008 at 05:53:49PM -0400, Michael Stone wrote:
On Thu, May 29, 2008 at 02:58:07PM -0600, Jameson Chema Quinn wrote:
In recent builds, any process running as
I think this might be a very interesting topic. I'm unsure as to what
has or has not been investigated though... should I concentrate my
analysis more on D-Bus, Telepathy, or how the presence service
implements these and the logical paths the system takes to get to the
service? If I should
Hi all,
Does anyone know of any security-related projects that need to be worked on for
OLPC? I am taking a computer and network security class, and I was thinking
that Bitfrost would be an interesting topic for a final project we have. I
poked around the wiki, but I couldn't find a security
Our presence algorithms should be evaluated in terms of security
(impersonation, dos, mim, etc). A list of vulnerabilities should be
analyzed and solutions should be proposed. More details will follow if
interested.
p.
Jeremy Flores wrote:
Hi all,
Does anyone know of any security-related
We just (in a somewhat terse manner) posted a status for the various
Bitfrost components in the wiki (See
http://wiki.laptop.org/go/Bitfrost#Current_Status). Perhaps you will
find your inspiration there.
-walter
On Fri, Mar 28, 2008 at 10:37 AM, Polychronis Ypodimatopoulos
[EMAIL PROTECTED]
--
Message: 5
Date: Fri, 28 Mar 2008 10:27:07 -0400
From: Jeremy Flores [EMAIL PROTECTED]
Subject: OLPC security project
To: devel@lists.laptop.org
Message-ID: [EMAIL PROTECTED]
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hi all,
Does anyone know of any security
I sympathize with Albert's point here: we should be no more incompatible
than we have to be... Just because we have to break some things,
doesn't mean we have to break everything.
- Jim
On Thu, 2007-11-08 at 10:42 -0500, Albert Cahalan wrote:
On 11/8/07, Ivan
39 matches