[Sugar-devel] [ASLO] Release Trails-4

[Sugar Labs Activities]

Activity Homepage:
http://activities.sugarlabs.org/addon/4398

Sugar Platform:
0.82 - 0.90

Download Now:
http://activities.sugarlabs.org/downloads/file/27194/trails-4.xo

Release notes:
Tiles are placed so that the numbers run in sequence from left to right and 
down the grid. Numbers may also repeat. A tile placed on its ghost image scores.



Sugar Labs Activities
http://activities.sugarlabs.org

___
Sugar-devel mailing list
Sugar-devel@lists.sugarlabs.org
http://lists.sugarlabs.org/listinfo/sugar-devel

Re: [Sugar-devel] TB and nxt_python - include or depend

[Martin Langhoff]

On Thu, Jan 13, 2011 at 3:04 PM, Martin Langhoff
martin.langh...@gmail.com wrote:
  - There is an nxt_python package for F9, F11 and F14.

So, this nxt_python package already in Fedora was very old. There's an
updated package athttp://dev.laptop.org/~martin/nxt/ which
installs on F14 builds -- can prep a F11 package in a few days.
Working on getting this pkg into Fedora proper.

And I have prepared a version of Emiliano's NXT branch that does not
include the nxt and usb packages.

cheers,



m
-- 
 martin.langh...@gmail.com
 mar...@laptop.org -- Software Architect - OLPC
 - ask interesting questions
 - don't get distracted with shiny stuff  - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff
___
Sugar-devel mailing list
Sugar-devel@lists.sugarlabs.org
http://lists.sugarlabs.org/listinfo/sugar-devel

[Sugar-devel] [PATCH Browse] Add Single Sign On support

[Sascha Silbe]

A special client certificate will be created on first start-up (after
installation resp. update). This certificate can be used to identify and
authenticate a user to web sites that ask for it. No personally identifiable
information is included in the certificate; it only identifies a user account,
not a physical person. Any binding between the user account(s) and an actual
person would need to be established out-of-band. This is similar to using
email addresses for identification and authentication purposes (an established
practice for most sites that offer services to the public).

The client certificate will be signed by a fake CA. This allows servers to
specifically ask for the client certificate created by Browse (by presenting
an accepted CAs list with the fake CA in it) while preventing confusing
Select client certificate pop-ups for other browsers. Publishing the CA
private key is not a risk because it's only used to influence the selection
of the client certificate, not for any kind of trust decision.

One aspect that still needs some consideration are XSS (cross-site scripting)
attacks. Content from a third party website could cause the browser to connect
to a web site using SSO with the client certificate. The browser would
automatically present the certificate to the server and thus potentially
authorise any action that the remote site tries to trigger.

Additional dependencies:
- openssl executable
- certutil and pk12util executables

Signed-off-by: Sascha Silbe sascha-...@silbe.org
---
 browse-sso-pseudo-ca.cert.pem|   20 +
 browse-sso-pseudo-ca.privkey.pem |   27 
 cert8.db |  Bin 65536 - 65536 bytes
 key3.db  |  Bin 0 - 16384 bytes
 secmod.db|  Bin 0 - 16384 bytes
 webactivity.py   |   85 +
 6 files changed, 122 insertions(+), 10 deletions(-)

diff --git a/browse-sso-pseudo-ca.cert.pem b/browse-sso-pseudo-ca.cert.pem
new file mode 100644
index 000..fd9691a
--- /dev/null
+++ b/browse-sso-pseudo-ca.cert.pem
@@ -0,0 +1,20 @@
+-BEGIN CERTIFICATE-
+MIIDQjCCAiqgAwIBAgIJAOyLmiUICdRkMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFEJyb3dzZS1TU08tUHNldWRvLUNBMB4XDTExMDEzMTE4MDMyMVoXDTM4MDYx
+NzE4MDMyMVowHzEdMBsGA1UEAxMUQnJvd3NlLVNTTy1Qc2V1ZG8tQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHbsal0Ib96+Dg9v8zmGQwtczFOLyd
+J2s5ifwF1VuUDVmm47ooDgycc6i6ULR3AoSOMu3/jvFCT5uV/wZq7sXvq2LUmiJ8
+W/fNbT9GaBoAphBoBalqrTsDROpZXsPkdkm5eN1ZtLeDDoGCX8+fYeqo61Hv2fSh
+ee7DloCYZ7TvYT0+W2hBUOvf7MFEEl/8p8/FyevB6F9Qs0RCinbUwVDdlg961Sj6
+zEa7GzgFNK1UdiyY5iXthYFdQVW1MPCgNmaIOjelMfy9YOwQv4Bs6Z4Zisi4Y0U8
+lChunySRgtckVtJfrSgGoPbT4UuLBrwtP9G7WmdOb1gv3TC9KHaZnDJvAgMBAAGj
+gYAwfjAdBgNVHQ4EFgQU2tNCUr0YkKsk+MImV5O794MKspUwTwYDVR0jBEgwRoAU
+2tNCUr0YkKsk+MImV5O794MKspWhI6QhMB8xHTAbBgNVBAMTFEJyb3dzZS1TU08t
+UHNldWRvLUNBggkA7IuaJQgJ1GQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUF
+AAOCAQEAThyMLpwfu/9UKn6nBRgFdTTmZ2VRJARtiXkT0hPe3zHKSLUKmSjxhTSN
+zcM7R+Dx3Wi2i0w8fNQcxtYima2HZQTKT4qhCPrggkXxgtnolPQ4yrFg+4DWxGFa
+Ng6uajGJmcnzt5Q+0esaxohc79caELs7Y8yzp/JuZgnXfcKYCVAha8Cg6T5e+eZo
+7XJHJPRIAuvgqobaQpX9iB8jace1UVf0h0ftnZ6FgZMjvtjONl6TqQrOWgEA3Yzb
+7pO8fVfOlEtwQzKY5Ji+aqvStM/r7/B6dAIljqsqlnhVenlWzQDKpLa4VeA5/xaE
+C8enZzxEi1IG76bB9dIELyKezcfIyQ==
+-END CERTIFICATE-
diff --git a/browse-sso-pseudo-ca.privkey.pem b/browse-sso-pseudo-ca.privkey.pem
new file mode 100644
index 000..64c135a
--- /dev/null
+++ b/browse-sso-pseudo-ca.privkey.pem
@@ -0,0 +1,27 @@
+-BEGIN RSA PRIVATE KEY-
+MIIEpQIBAAKCAQEAx27GpdCG/evg4Pb/M5hkMLXMxTi8nSdrOYn8BdVblA1ZpuO6
+KA4MnHOoulC0dwKEjjLt/47xQk+blf8Gau7F76ti1JoifFv3zW0/RmgaAKYQaAWp
+aq07A0TqWV7D5HZJuXjdWbS3gw6Bgl/Pn2HqqOtR79n0oXnuw5aAmGe072E9Plto
+QVDr3+zBRBJf/KfPxcnrwehfULNEQop21MFQ3ZYPetUo+sxGuxs4BTStVHYsmOYl
+7YWBXUFVtTDwoDZmiDo3pTH8vWDsEL+AbOmeGYrIuGNFPJQobp8kkYLXJFbSX60o
+BqD20+FLiwa8LT/Ru1pnTm9YL90wvSh2mZwybwIDAQABAoIBAFowqLl4MnRG5i4W
+xZbJxhWZQf+3BuVzXDRrSIRC1uV/nBmzRw6yO9XNIHMR6Gshwlykf6lhNY4tfkk5
+See2D+GxekJ3aj0fQlOuojzu+0Nr1mOUm+dYbCWwVuMPzjtVm0W7eS8GYS9tsfgJ
+6FVF7N9zfFyiDtWv1OCzAXjq/ZJ7c+j1AsT0Tb9TnVO9jvwKoJa54LV6LIUf98+n
+8czPaZadpGy4s7BoZ3L+yt6odnysmMs+98hpOj7rg2uGSrnU1IaKkp7CdjdIaBq4
+3vBZ8RsNlW5wa0WSQSj0hOUBn+2moJA1qUxmblkDtmOi1bRYmqPWHyuiOEUlnQM8
+ogmAfDECgYEA+Op577svjuz1o+EK8C/J87q976ZNGRWE2KwUT3O6WIQNgqY9RtF8
+4aZmkbGx0dFnMkGfW+TGXFcD3u8Hn9vP1ZdFhbP2hxdD1IF75U5D78IT0/eOfvFr
+eCkbzsoL4tsxt40Ebv8KQrubAGbShVdwxHTKCfltWZFFGnxyuvNCsSMCgYEAzRvH
+zWWb+c90Ah1v7XrvIRSCcfbaz+/tO6/kgxGezDYpHQXRUdXe2ULhRcNWuheQN7iF
+LZQqWS07bCzqkfH1f1fjh+aDKQBafjuyJwDJxf/+qkwavcbsB4Ac7fFIgrmwAx07
+2/WbjSTrYTUWpReSkCpY2dYBofYTiJbmBfLs/EUCgYEAigLv4uTlhJiLxfZz6yKE
+Fdg3kZWib8MHql8Wz8q5ynRFTWhA13A1jqOFgUiF8HDrh+jso7Xf6bjxU30yvAbT
+YHkEOhLDILnciQnWGRjhACGafs9muam/zZr1aR2Lo5enJD9S8vwDw2ZjlcBs/zOx
+OawLjaY3ZA7wwrO3pUJVewMCgYEAuaBaw1kiQIOvyfo6QgLwSE/3foyam3XYjhwy
+Ayz/OnIJ42pQdm/Ir3gHyMtwwhpxOvyUCxv895goH07HPC5usEEqeuPz8DeRroz4