On Wed, Dec 16, 2009 at 08:06:45PM -0500, Michael Stone wrote:
Maybe I'm missing something here, but /usr read-only to the user, thus isolated from the running Sugar shell. Only root can add and modify extensions.Executing activities in separate processes provides no security benefit unless the resulting processes are in some way isolated from the rest of the system.Yes, but what about security? Right now the shell process only executes code in /usr, executing activities in a separate process.
CU Sascha -- http://sascha.silbe.org/ http://www.infra-silbe.de/
signature.asc
Description: Digital signature
_______________________________________________ Sugar-devel mailing list Sugar-devel@lists.sugarlabs.org http://lists.sugarlabs.org/listinfo/sugar-devel