On Wed, Feb 25, 2009 at 5:24 AM, Michael Stone <mich...@laptop.org> wrote: > In my view, it's up to the SugarLabs folks to use Rainbow or to drop it. I > have > tried to clear the way for them to use it on all the platforms they care about > by simplifying it, by making it more generically useful, by writing some basic > .deb and .rpm packaging in order to ease testing,
Hi Michael, what rainbow provides is very important. The trusted-OS checks from the firmware up are important. The userland application privilege isolation is hugely important, as we are pushing for making our apps heavily network oriented, the risks of other network hosts trying to take advantage of vulnerable apps is huge. You are now talking about the implementation of rainbow that provides userland privilege isolation. One thing that I wonder is whether in the push to make our OS more generic it would make sense to push rainbow in the direction of things like smack or selinux. Maybe rainbow could insta-isolate creating selinux profiles for activities? Maybe my ignorance on matters selinux is showing? ;-) cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff _______________________________________________ Sugar-devel mailing list Sugar-devel@lists.sugarlabs.org http://lists.sugarlabs.org/listinfo/sugar-devel
