moko running everything as root

[Federico Lorenzi]

Isn't there a targeted SElinux policy being developed as part of GSoC?

On 6/15/08, Joerg Reisenweber <joerg at openmoko.org> wrote:
> If you have root AND user, root can make a backup copy of user's valuable
> data
> every once in a while, and user or the virus she imported while browsing the
> web can NOT destroy this backup.
> I can't follow your arguments. It's NOT an evil person we need to fence in,
> it's bad behaviour of applications that go nuts on (virus|bug|user fault|*)
>
> If we don't start to care about this topic NOW, we will see lots of poor
> designed apps that rely on having root access where they shouldn't, and we
> end up in a situation like M$, where the whole system is so much
> root-centric
> that you simply can't switch to a sane user-management anymore, because it
> would break half the system. To fix those apps later is a major PITA.
>
> I just "talked" to Wolfgang Spraul and he answered
> "But right now we are selling to hardcore developers only, so it's not
> our #1 priority.
> Once our software becomes more stable and mature, this needs to be
> addressed seriously. The good news is that the FOSS community is
> pretty paranoid about this, so I'm sure over time we will have a good
> solution."
> It's a FOSS project and you are "the community", so just contribute! I'd
> say,
> do it *now*, as long as it's easy.
>
> cheers
> jOERG
>

-- 
Sent from Gmail for mobile | mobile.google.com