User:Mstone/Rainflow: Difference between revisions

From OLPC
Jump to navigation Jump to search
m (New page: Carrying on the tradition of naming software via puns, I'll lay down some thoughts here about software for, among other things, answering the question: : ''Should we run progr...)
 
mNo edit summary
Line 2: Line 2:


: ''Should we run program X deisolated?''
: ''Should we run program X deisolated?''

== Background ==

<trac>5657</trac> asked for a way to automatically update [[Terminal]] that is not subject to spoofing.

One natural approach this is activity signing. However, as experience with X.509 has shown, the devil is truly in the details.

To date, we have seen several attempts to discover appropriate details:

: [http://lists.laptop.org/pipermail/security/2008-October/000496.html]
: [[User:Mstone/Commentaries/Bundles_1]]
: [http://lists.laptop.org/pipermail/devel/2008-March/011553.html runtime build customization thread] and <trac>6432</trac>
: http://lists.laptop.org/pipermail/security/2007-December/000341.html
: [http://lists.laptop.org/pipermail/devel/2008-March/012131.html horizontal distribution thread]

Consequently, here's an attempt at details.

Revision as of 19:57, 29 May 2009

Carrying on the tradition of naming software via puns, I'll lay down some thoughts here about software for, among other things, answering the question:

Should we run program X deisolated?

Background

<trac>5657</trac> asked for a way to automatically update Terminal that is not subject to spoofing.

One natural approach this is activity signing. However, as experience with X.509 has shown, the devil is truly in the details.

To date, we have seen several attempts to discover appropriate details:

[1]
User:Mstone/Commentaries/Bundles_1
runtime build customization thread and <trac>6432</trac>
http://lists.laptop.org/pipermail/security/2007-December/000341.html
horizontal distribution thread

Consequently, here's an attempt at details.