asch at freemail.hu
Fri Jan 11 17:16:37 CET 2008
I have dark thoughts today and just wanted to stir the already boiling
water a little :-). Sorry for doing that!
Certainly I did not mean it really seriously :-). Although I mean that
creating a user that can access our private data and network as well but
has no system privileges (as it is now common in widespread desktop
Linuxes) will not protect your personal data (from web scripts, ssh
attackers and so) at all. And that data has the most value for the user.
You are right, a well configured access restriction scheme for the web
browser, instant messaging, ad-hoc network protocols and such would have
serious benefit for the phone (and desktop systems as well).
I assume that sudo prevents the harware to be bricked accidentally by
the user or by a userspace program. What I wanted to mean is that
protecting the user's data is more important than protecting the device
Ted Lemon wrote:
> On Jan 11, 2008, at 5:56 AM, Schmidt András wrote:
>> In my opinion there is nothing that the root account can protect on a
>> single user handheld device.
>> Phones are normally used single user.
>> When an application gets the rights for that user then it can access
>> all personal information and all network resources (Wifi, GSM
>> network). What else remains? What resource would you protect with the
>> root account?
> If this is a sincere question, I'd really encourage you to give the
> OLPC bitfrost spec a read:
> Unfortunately, the conclusion you've drawn is completely wrong. I'm
> very interested in the OLPC Bitfrost work - I think it has application
> in the wider sphere of Linux implementations, and the OpenMoko
> environment is a classic case.
> OpenMoko community mailing list
> community at lists.openmoko.org
More information about the community