moko running everything as root

Joseph Reeves iknowjoseph at gmail.com
Sun Jun 15 22:59:24 CEST 2008


> On my laptop, I can choose if I want to run SE Linux or not.
> I think that the at least one image should run default with a
> non-root user and everything in /etc/sudoers. This way,
> people can uncomment inside that file and apply the
> security they like.

Sounds a lot like looking after a laptop rather than using a phone.
I've already written about how I like the FreeRunner because it's
*not* a laptop:

http://blogs.thehumanjourney.net/finds/entry/1

I've also posted twice (I think - I found one one on Google) to this
list about how it might be fruitful to consider the Bitforst security
model as developed for the OLPC project:

http://wiki.laptop.org/go/Bitfrost

Anyone with me on that one?

J


2008/6/15 Flemming Richter Mikkelsen <quatrox at gmail.com>:
> On Sun, Jun 15, 2008 at 9:15 PM, arne anka <openmoko at ginguppin.de> wrote:
>> well, let's say we disagree in the classification of the om -- i think
>> it's a very powerfull mobile computer and thus should follow basically the
>> same idea of security.
>> the user's data can be backed up and thus restored if compromised or
>> destroyed.
>> the system itself may causes severe loss of money if compromised: sending
>> sms, calling those value-added numbers (what's the proper term in
>> english?), creating internet connections (and maybe sending spam).
>> accessing your pc if you connect to it to sync or so may corrupt your
>> computer (take a known vulnerabilty, create an exploit and put it on the
>> om -- if connected to your pc it could infiltrate).
>>
>> imho the om does not match the criteria of "mobile world" you're applying
>> -- but that's just it: my opinion. maybe it changes once i get my paws on
>> a real freerunner ;-)
>
> On my laptop, I can choose if I want to run SE Linux or not.
> I think that the at least one image should run default with a
> non-root user and everything in /etc/sudoers. This way,
> people can uncomment inside that file and apply the
> security they like.
>
> The reason is that some people will use it as a phone,
> while other people might even use it without a sim.
> That means we may need different security policies.
>
> _______________________________________________
> Openmoko community mailing list
> community at lists.openmoko.org
> http://lists.openmoko.org/mailman/listinfo/community
>




More information about the community mailing list