Rainbow: Difference between revisions

From OLPC
Jump to navigation Jump to search
Line 19: Line 19:
* P_X -- we'll start by trying out XSECURITY (i.e. by making activities untrusted clients) and see where that leaves us. Then on to XACE as per [http://lists.laptop.org/pipermail/security/2008-April/000390.html previous discussion]
* P_X -- we'll start by trying out XSECURITY (i.e. by making activities untrusted clients) and see where that leaves us. Then on to XACE as per [http://lists.laptop.org/pipermail/security/2008-April/000390.html previous discussion]


== Items of Historical Interest ==
== (Outdated) Resources ==


* [http://dev.laptop.org/git?p=security;a=blob;f=rainbow/README;hb=HEAD README] - A description of the original scope and design of Rainbow.
* [[Taste the Rainbow]]: A guided tour of the source code of the rainbow-0.7.8 release.
* [[OLPC Bitfrost]]: [http://dev.laptop.org/git?p=security;a=blob;f=bitfrost.txt;h=96f4997602d817abf7be90a00bf68b3a79a73005;hb=HEAD Bitfrost Spec]
* [http://dev.laptop.org/git?p=security;a=blob;f=rainbow/NOTES;hb=HEAD Notes] - Notes on design and hurdles in developing Rainbow.
* [[Rainbow/DataStore Access]] - thoughts on datastore access mechanisms, superseded by [[Olpcfs]].
* [http://dev.laptop.org/git?p=security;a=blob;f=rainbow/README;hb=HEAD README] - A description of the scope and design of Rainbow.
* [http://dev.laptop.org/git?p=security;a=blob;f=rainbow/NOTES;hb=HEAD Notes] - Useful notes on design and hurdles in developing Rainbow.
* [[Rainbow/DataStore Access]]
* [http://lists.laptop.org/pipermail/security/2008-January/000370.html "Why not SELinux?"]
* [http://lists.laptop.org/pipermail/security/2008-January/000370.html "Why not SELinux?"]
* [http://lists.laptop.org/pipermail/sugar/2007-November/003725.html "Bitfrost Compliance for Update.1" announcement mail]
* [http://lists.laptop.org/pipermail/sugar/2007-November/003725.html "Bitfrost Compliance for Update.1" announcement mail]

Revision as of 21:57, 18 September 2008

  english | español HowTo [ID# 164439]  +/-  


Introduction

Rainbow implements the isolation shell implicitly described in the Bitfrost security specification. This means that it isolates activities (and eventually system services) that it is asked to run from one another and the rest of the system.

Rainbow implements this isolation by generating a new uid (and perhaps a new gid) for each program it is asked to run. Running each activity as a separate user means that standard Unix access checks can be used as the primary 'gate' to control the visibility of activity-driven side-effects like reading from or writing to files or devices or signalling other processes.

Design and Implementation

The basic design principles of the present 0.7-series incarnation of rainbow were presented in rainbow.txt. The implementation of rainbow can be found alongside that file in the "rainbow/rainbow" subdirectory of security git repo and in its several forks. Finally, a somewhat dated guided tour of the source code is available.

Next Steps

Items of Historical Interest