[maemo-developers] Maemo security longterm roadmap?

From: Eero Tamminen eero.tamminen at nokia.com
Date: Tue Nov 13 13:29:53 EET 2007

ext Mike Lococo wrote:
>> I was maybe not so clear in my last message; What I mean is:
>> We can trust software that come from trusted source and that is
>> 'signed'. But other software, that the end user still want to install
>> can't be trusted.
> Actually bitfrost is aimed at an entirely different problem than 
> containing third-party malicious software installations.  The _only_ 
> solutions to that problem are warnings or disabling third-party software 
> entirely.

Or in general the software not working like you expect / be able to
do things people want them to do (i.e. basically anything you can
think of).  So, as you said, either you trust it, or you don't install
it.  If you trust it, the platform has to trust it also.

Software can set limitations for itself when it's installed (under which
user it's run, rlimits etc), but that's completely up to the package
being installed.  In long term Maemo indeed could have more facilities
for this for the trusted software.  It's interesting to see how Bitfrost
will fare, whether more distros go to SELinux or AppArmor etc.

	- Eero

More information about the maemo-developers mailing list