[maemo-developers] Security Guidance for N800 OS development

From: Gustavo Sverzut Barbieri barbieri at gmail.com
Date: Fri Feb 23 14:09:53 EET 2007 
On 2/23/07, Marius Gedminas <marius at pov.lt> wrote:
> On Thu, Feb 22, 2007 at 08:20:53PM -0300, Gustavo Sverzut Barbieri wrote:
> > On 2/22/07, Eero Tamminen <eero.tamminen at nokia.com> wrote:
> > >ext Gustavo Sverzut Barbieri wrote:
> > >> yes, but the most harmful action is to add "/" to be scanned, but
> > >> that's in blacklist so it's avoided.
> > >
> > >If it is monitoring file changes in the device, you should also
> > >ignore at least /dev & /sys*, otherwise your process wakes up
> > >unnecessarily (which drains battery).
> >
> > Sure, we ignore:
> >
> >    static const gchar *blacklist[] = {
> >        "/bin",
> >        "/boot",
> >        "/dev",
> >        "/etc",
> >        "/lib",
> >        "/proc",
> >        "/root",
> >        "/sbin",
> >        "/sys",
> >        "/usr/bin",
> >        "/usr/sbin",
> >        "/usr/etc",
> >        "/usr/lib",
> >        NULL
> >    };
>
> I'm somewhat surprised that you scan /var and /tmp.  Or, in fact,
> anything outside /home and /media.

While canola runs on maemo, it also runs on my desktop, so it's useful
to have /tmp

Since some people run maemo on their SD instead of flash, they may
have data in /var/lib/media or something like that... this isn't
really useful IMHO, but...

Maybe I'll make this a  GConf list and thus configurable.


> We're talking about Canola scanning for media files, right?

Yes.

-- 
Gustavo Sverzut Barbieri
--------------------------------------
Jabber: barbieri at gmail.com
   MSN: barbieri at gmail.com
  ICQ#: 17249123
 Skype: gsbarbieri
Mobile: +55 (81) 9927 0010
 Phone:  +1 (347) 624 6296; 08122692 at sip.stanaphone.com
   GPG: 0xB640E1A2 @ wwwkeys.pgp.net
More information about the maemo-developers mailing list