[Shr-Devel] Security features of SHR
shazalive at gmail.com
Thu May 27 22:05:42 CEST 2010
On Fri, May 28, 2010 at 12:35 AM, Tom Hacohen <tom at stosb.com> wrote:
> On Thu, May 27, 2010 at 10:03 PM, Michael 'Mickey' Lauer
> <mickey at vanille-media.de> wrote:
>> * You may have to fix the kernel to provide sysfs access to
>> non-priviledged users.
I will look at this but what do you mean by fix the kernel!?
> Of course, make sure you don't give "too much" access in sysfs, or in other
> words, don't expose what shouldn't be exposed.
>> * Fix X to be able to run as non-root.
> Mickey: Isn't X running as root pretty standard? I mean, he should probably
> hack it to run e as non-root (which is reasonable) but X itself?
This should mean setuid for X.
> Anyhow, shaz: don't forget to also adjust the SHR apps. To be honest, I
> don't think there's almost any work needed to be done (except for dbus
> at least not as a first stage. After you'll have stuff running as a regular
> user, or at least have a regular user in general, it'll be easier for us
> to adjust the SHR applications ourselves. Now changing everything is just
> too annoying when there's nothing else ready. :P
> Though as said, if I'm not missing anything, everything should just work, at
> least it just works running as a regular user on my pc :P
What name should be given to the regular user? user :)
More information about the openmoko-kernel