Log in

No account? Create an account
entries friends calendar profile adric.net Previous Previous Next Next
Please read the spec and the discussion first, thanks. Was: Re: [OLPC Security] A mom's worries - nil.enroll(aetheric_username, quantum_class_id)
yljatlhQo'! QIch lo'laltbebej!
Please read the spec and the discussion first, thanks. Was: Re: [OLPC Security] A mom's worries

Please read the spec, the wiki discussion page, and the previous posts to this list before trying to discuss perceived flaws in the system that is being built. http://wiki.laptop.org/go/BitFrost , http://wiki.laptop.org/go/Talk:Bitfrost , and http://lists.laptop.org/pipermail/security/, respectively.

Discussion of weaknesses in standard Linux or UNIX systems are not necessarily applicable to the OLPC Bitfrost platform. Also, the spec is not fully implemented in the software, but the spec makes pretty clear what features are intended.

An example:

But any infected activity gets access to system resources in the same
way as the
"host" user. Last time I checked, rainbow/service.py didn't do
anything special
to try and really hunt-down any background processes created by an
so to say that the spam-bot (or any other unintended malware-type-thing)
dies when the activity gets cleaned up is horribly misleading.

Since, as you acknowledge earlier, each Activity is started in it's own UID, then it is trivial to make sure that all processes started by that user and all of their children die when the Activity is terminated, eg `slay 1003`. So, pointing out that 'weakness' is not particularly helpful, but submitting a patch that adds that command to activity tear-down might be.

Similarly, discussion of spamming is hopefully mitigated by the default network rate limiting and cpu usage limiting of the platform. If you see weakness in this plan that are not already discussed, please share. Or submit patches :)

Adric Net

Yes, again. *sigh*

Current Location: couch
Current Mood: argh
Current Music: Dethklok

Leave a comment