Rainbow: Difference between revisions
Jump to navigation
Jump to search
m (Install instructions) |
m (typos, formatting) |
||
| Line 1: | Line 1: | ||
Rainbow is the implementation of the [[Bitfrost]] security specification. Rainbow: |
Rainbow is the implementation of the [[Bitfrost]] security specification. Rainbow: |
||
* Negotiates launching activities and creating a secure, minimal environment for their operation inside a 'Container', a way of isolating one activity from another. This includes limiting the scope of Filesystem, Network Access and CPU time that each activity has access to. |
* Negotiates launching activities and creating a secure, minimal environment for their operation inside a 'Container', a way of isolating one activity from another. This includes limiting the scope of Filesystem, Network Access, and CPU time that each activity has access to. |
||
* Creates a means for Updates to happen in a reliable and secure way. |
* Creates a means for Updates to happen in a reliable and secure way. |
||
* Provides interfaces to VServer and other libraries that make the above possible |
* Provides interfaces to VServer and other libraries that make the above possible. |
||
== Installing == |
== Installing == |
||
To install Rainbow: |
To install Rainbow: |
||
# Enable the OLPC-temp repository by editing '''/etc/yum.repos.d/olpc-tmp.repo''' ''(temporary until packages drift upstream)'' |
|||
# '''Yum install rainbow''' which installs Rainbow along with its dependencies like pyvserver, python-sqlalchemy, etc. |
|||
To enable Rainbow: |
To enable Rainbow: |
||
# Touch the file '''/etc/olpc-security''' |
|||
To disable Rainbow: |
To disable Rainbow: |
||
# Delete the file '''/etc/olpc-security''' |
|||
== Resources == |
== Resources == |
||
Revision as of 22:02, 7 September 2007
Rainbow is the implementation of the Bitfrost security specification. Rainbow:
- Negotiates launching activities and creating a secure, minimal environment for their operation inside a 'Container', a way of isolating one activity from another. This includes limiting the scope of Filesystem, Network Access, and CPU time that each activity has access to.
- Creates a means for Updates to happen in a reliable and secure way.
- Provides interfaces to VServer and other libraries that make the above possible.
Installing
To install Rainbow:
- Enable the OLPC-temp repository by editing /etc/yum.repos.d/olpc-tmp.repo (temporary until packages drift upstream)
- Yum install rainbow which installs Rainbow along with its dependencies like pyvserver, python-sqlalchemy, etc.
To enable Rainbow:
- Touch the file /etc/olpc-security
To disable Rainbow:
- Delete the file /etc/olpc-security
Resources
- Code Repository
- Bitfrost Spec
- README - A description of the scope and design of Rainbow.
- Notes - Useful notes on design and hurdles in developing Rainbow.
README
<gitembed>security||rainbow/README||660||1400</gitembed>