I'm not familiar with the details of the Rainbow implementation, but I question this claim:
> Sugar, as it currently stands, is among the least secure operating systems > ever, far less secure than any modern Linux or Windows OS. I can easily > write an Activity that, when run by the user, escalates to root privileges > and does anything I like with the system. My understanding was that something called an 'Activity' would be assigned its own userid-groupid. The standard Linux permissions would prevent such an 'Activity' from messing up the system. I agree that "as of this date", the 'su' (or its equivalent) provision sucks -- a decision has been made that the kid does not have to enter a password, even if one has been defined for root. But that can be improved to not remain the 'least secure ever'. mikus _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
