moko running everything as root
subscribers at tinsputnik.com
Mon Jun 16 18:17:37 CEST 2008
Kevin Dean wrote:
> I understand how and why permission seperations exist. :) What I'm
> saying is that if we sit back and evaluate how this device is going to
> be used in the vast majority of cases, you'll realize that unlike a
> desktop or server system, the data that a non-root user can delete is
> as bad, or perhaps even WORSE than destroying the system integrity
Famous last words buddy boy.
C'mon people, do you not realize that the moko carries more processing
power than most desktop computers up to what, 1997?
Are you seriously thinking that the Windows 98 way of thinking with THAT
MUCH power is sensible?
Is everyone this delusional?
C'mon people, in the age where people are loosing laptops with gigs of
sensitive data, WE NEED MORE security measures not less.
We need proper linux security implemention, we need encrypted home
direrctories and who knows what else we will have to get working.
Certainly we have already talked about the idea of a blackberry style
proxy server, a policies framework (i'd like to see this via actually
running kde4 on this device but thats a topic for another cpu), lockdown
and talkbalk mechanism, etc.
The problem here isn't WHAT YOU want the device to be. The problem here
is WHAT WE ALL want the device to be.
Please remember that when they hardware becomes powerful enough, the
essential difference in utility then falls on software. If you want a
phone only, you should be able to get a software profile that gets you
that. If you want a laptop in a pocket you should be able to get a
profile for that.
The solution to the problem effectively is profiles via a
centralized/decentralized policies framework. Those that want a phone
and everything running as root should be FORCED to make that decision
manually so that when things go wrong THEY GET BLAMED and not the
community. For the rest of us, we will enjoy feature creep and an ever
greater ability to do on the cel what we normally do on the laptop.
In the mean time I'm just glad to get an open device, our exposer is
minimal in this run. I just hope this changes down the road as no
technical reasons seem to be popping up to justify this.
More information about the community