On Tue, 2007-07-31 at 21:45 +0200, Marco Pesenti Gritti wrote: > Hello, > > thanks for the explanation, it clarifies a lot of things. > > As I just said to Ivan and coderanger on irc we needs to be clear on > the actual goals for Trial-3. In particular I'd like to know: > > 1 Are we aiming to enable this by default for Trial-3
Yes. If activities in containers don't go into Trial 3, they will not get into FRS. They don't have to be locked down at all, just have activities launched in containers. We just have to figure out by Trial-3 if people can fix the bugs that come up. If they can't, we rip containers back out and re-evaluate the security position. > 2 Are we aiming at pushing one-instance-per-process for Trial-3 We may just end up whitelisting EToys and Browse as multiple-instance-per-process activities, and just accept that one Browse instance can interact adversely with all other instances. I don't think we've made that call concretely yet though we did discuss it on the train today. Dan _______________________________________________ Sugar mailing list [email protected] http://lists.laptop.org/listinfo/sugar
