Michael Stone writes:
> One of our present security difficulties is that the Terminal activity
> is not isolated. It is de-isolated so that it can serve the dual role of
> root terminal and 'general exploration' terminal. Perhaps reviving the
> Quake Terminal for the root-terminal role and isolating the Terminal
> activity proper would be a nice way to solve half of our security issue?

No. First of all, that would force usage of the root account to get to the olpc account. There is little reason to want a random user, but plenty of reason to want both olpc and root.

Second of all, the ability to de-isolate an arbitrary activity is important. Isolation needs to be under the user's control. Except to prevent a user from locking himself out by isolating the de-isolation tool, no activity should be specially known to Bitfrost or Sugar. Isolation is rightfully a user choice. It's OK to make isolation easier though, to avoid accidents.

_______________________________________________
Security mailing list
[email protected]
http://lists.laptop.org/listinfo/security

