Dear Educators and Engineers, To educators: How concerned are you about a feature that allows one student to invite others to play on their computer? Remote access is only granted if the user chooses to share a specific activity. The effect is similar to letting someone walk over and type on your keyboard.
To engineers: Is sharing an activity a sufficient indication of intent from the user to execute a potentially dangerous action, such as sharing Terminal on a public collaboration server? To activate a remote VNC client in Gnome, users must fill out this settings panel: http://www.bani.com.br/wp-content/uploads/2007/11/vino-p-g.png . Unlike an Activity, though, once those settings are made, the desktop is permanently shared. An Activity can easily be stopped by a single click at any time. Background: I have been working on a shareable version of the Terminal activity, called ShareTerm. The sharing functionality allows two people to type at the same command prompt. There is a spectrum of uses for this, from "a friend who knows more than I do showing me how to use the command shell" to "an expert developer performing remote debugging (while I observe and try to understand what is going on)". The critical issue with a shared terminal is security. If I share my terminal with you, then you gain the full power of that terminal. On an XO, running ShareTerm, this is safe enough. Thanks to Rainbow, the ShareTerm prompt has very limited access to the system, so participants cannot "break the computer". This limited access also prevents a lot of legitimately useful and educational actions, such as performing expert maintenance or debugging. On SoaS Strawberry, and every other portable Sugar implementation of which I am aware, Rainbow is not present, and so ShareTerm is just as dangerous, and useful, as inviting someone over to type on your keyboard. If this functionality were added to the Terminal activity, then the behavior on the XO would match the behavior described for SoaS. What do you think we should do? One possibility that has occurred to me is to permit unsafe sharing only with users who have already been designated as Buddies. Instead of "Share with My Neighborhood", the toolbar would only offer "Share with My Friends".
signature.asc
Description: OpenPGP digital signature
_______________________________________________ IAEP -- It's An Education Project (not a laptop project!) IAEP@lists.sugarlabs.org http://lists.sugarlabs.org/listinfo/iaep