Addendum: Enabling and Disabling P_SF_RUN

In order to use the root capabilities on modern POSIX computers, one typically uses the commands "su" or "sudo". These commands are only available to members of a group "wheel". For P_SF_RUN, we may add a pair of analogous commands "pseudosu" and "pseudosudo" that switch to the user sfrun. Continuing the analogy, these commands are only available to members of a group "almostwheel".

To gain P_SF_RUN permissions, the system should simply add user olpc to group almostwheel. To remove the permission, the system should remove olpc from almostwheel. A student "has P_SF_RUN enabled" iff they are able to run as user sfrun.

We may argue about whether P_SF_RUN should be enabled by default. For example, if I have P_SF_RUN enabled, and I lend my computer to a classmate or brother for an hour, he may install a "back door" on my computer that periodically sends him screenshots, or the contents of my datastore, or allows him remote control of the machine. An overbearing teacher could do the same. However, having P_SF_RUN enabled encourages tinkering and experimentation.

Regardless of whether P_SF_RUN is enabled by default, it may be enabled and disabled by the above mechanism. If P_SF_RUN is not enabled by default, it might be enabled upon receipt of a developer key. In this case, there must be a script in the init sequence that checks if there is a developer key, checks if P_SF_RUN is desired (a student with a developer key might still disable P_SF_RUN in some config file), and modifies the group settings accordingly.

--Ben
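A sketch of the init-time check described in the last paragraph of the message, added here as an illustration and not part of the original post or of any OLPC code. The key and config file paths are passed in by the caller, and the `P_SF_RUN=off` config syntax and the function names are assumptions. The logic fails closed: a missing or empty key, or an explicit opt-out, results in removal from almostwheel.

```shell
#!/bin/sh
# Added illustration; config format and function names are assumptions.
GROUP=almostwheel
TARGET_USER=olpc

# Print "enable" only when a non-empty developer key file exists and the
# (hypothetical) config file does not opt out. Everything else fails closed.
# Key validity is assumed to be verified elsewhere; only presence is checked.
sfrun_desired_state() {
    keyfile=$1 conffile=$2
    [ -s "$keyfile" ] || { echo disable; return 0; }
    if [ -r "$conffile" ] && grep -Eq \
        '^[[:space:]]*P_SF_RUN[[:space:]]*=[[:space:]]*(off|no|0)[[:space:]]*$' \
        "$conffile"; then
        echo disable; return 0
    fi
    echo enable
}

# Succeed if USER is listed as a member of GROUP in a group(5)-format file.
group_has_member() {
    groupfile=$1 group=$2 user=$3
    awk -F: -v g="$group" -v u="$user" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) found = 1 }
        END { exit (found ? 0 : 1) }' "$groupfile"
}

# Print the gpasswd command needed to reach the desired state, or nothing
# when membership is already correct (so the script is idempotent per boot).
sfrun_plan() {
    keyfile=$1 conffile=$2 groupfile=${3:-/etc/group}
    want=$(sfrun_desired_state "$keyfile" "$conffile")
    if group_has_member "$groupfile" "$GROUP" "$TARGET_USER"; then
        have=enable
    else
        have=disable
    fi
    [ "$want" = "$have" ] && return 0
    case $want in
        enable)  echo "gpasswd -a $TARGET_USER $GROUP" ;;
        disable) echo "gpasswd -d $TARGET_USER $GROUP" ;;
    esac
}

# From an init script running as root (KEY and CONF are placeholders):
#   cmd=$(sfrun_plan "$KEY" "$CONF"); [ -z "$cmd" ] || $cmd
```

Because the plan is recomputed on every boot, deleting the key or setting the opt-out takes effect at the next restart, and the config file should be writable only by whoever is meant to control P_SF_RUN.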

