Rainbow

Rainbow implements the isolations shell implicitly described in the Bitfrost security specification. It is also the name of the build branch into which this isolation shell is being integrated.

Rainbow:

• Negotiates launching activities and creating a secure, minimal environment for their operation inside a 'Container', a way of isolating one activity from another. This includes limiting the scope of Filesystem, Network Access, and CPU time that each activity has access to.
• Creates a means for Updates to happen in a reliable and secure way.
• Provides interfaces to VServer and other libraries that make the above possible.

Installing

To install Rainbow, either directly install a build from the Rainbow build branch or use the network updater to migrate to a build from that branch.

 # olpc-update rainbow-NNN

Resources

• Code Repository
• OLPC Bitfrost — Bitfrost Spec
• README - A description of the scope and design of Rainbow.
• Notes - Useful notes on design and hurdles in developing Rainbow.

README

<gitembed>security||rainbow/README||660||600</gitembed>