moko running everything as root

Robert Taylor subscribers at tinsputnik.com
Mon Jun 16 18:17:37 CEST 2008 

Kevin Dean wrote:
> I understand how and why permission seperations exist. :) What I'm
> saying is that if we sit back and evaluate how this device is going to
> be used in the vast majority of cases, you'll realize that unlike a
> desktop or server system, the data that a non-root user can delete is
> as bad, or perhaps even WORSE than destroying the system integrity
> itself.
>   
Famous last words buddy boy.

C'mon people, do you not realize that the moko carries more processing 
power than most desktop computers up to what, 1997?

Are you seriously thinking that the Windows 98 way of thinking with THAT 
MUCH power is sensible?

Is everyone this delusional?

C'mon people, in the age where people are loosing laptops with gigs of 
sensitive data, WE NEED MORE security measures not less.

We need proper linux security implemention, we need encrypted home 
direrctories and who knows what else we will have to get working.

Certainly we have already talked about the idea of a blackberry style 
proxy server, a policies framework (i'd like to see this via actually 
running kde4 on this device but thats a topic for another cpu), lockdown 
and talkbalk mechanism, etc.

The problem here isn't WHAT YOU want the device to be.  The problem here 
is WHAT WE ALL want the device to be.

Please remember that when they hardware becomes powerful enough, the 
essential difference in utility then falls on software.  If you want a 
phone only, you should be able to get a software profile that gets you 
that.  If you want a laptop in a pocket you should be able to get a 
profile for that.

The solution to the problem effectively is profiles via a 
centralized/decentralized policies framework.  Those that want a phone 
and everything running as root should be FORCED to make that decision 
manually so that when things go wrong THEY GET BLAMED and not the 
community.  For the rest of us, we will enjoy feature creep and an ever 
greater ability to do on the cel what we  normally do on the laptop. 

In the mean time I'm just glad to get an open device, our exposer is 
minimal in this run.   I just hope this changes down the road as no 
technical reasons seem to be popping up to justify this.

Rob

More information about the community mailing list