<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<body bgcolor="#ffffff" text="#000000">
Bert Freudenberg wrote:
<pre wrap="">On 25.07.2014, at 12:48, David T. Lewis <a class="moz-txt-link-rfc2396E" href="mailto:email@example.com"><firstname.lastname@example.org></a> wrote:
<pre wrap="">On Fri, Jul 25, 2014 at 12:34:24AM -0700, Marcel Taeumel wrote:
<pre wrap="">Speaking of strange observations in the trunk image: What are those two
Trusted Dir C:\Tools\squeak_trunk\Marcel
Untrusted Dir C:\Users\Marcel\Documents\My Squeak
Those are listed in the system reporter. Both leaf folders do *not* exist.
<pre wrap="">The "My Squeak" folder is something related to Etoys. I do not see any references
to it in the image, aside from a class comment in EToysLauncher. But I am running
on Linux, so maybe I am missing something that shows up on your Windows platform?
This comes from the SecurityPlugin which implements file sandboxing. In most images it is unused (although it would make a lot of sense, especially in servers). Etoys uses it because it regularly executes untrusted code (projects authored by other users, which can contain arbitrary Squeak code).
The actual folder is provided by the VM settings (Squeak.ini on Windows, Info.plist on Mac OS, env vars on Unix):
SecurityManager default secureUserDirectory
==> '/Users/bert/Library/Application Support/Etoys'
This is a folder inaccessible by untrusted content. Contains preferences and private crypto keys in Etoys.
SecurityManager default untrustedUserDirectory
This is the sandbox folder, the only folder accessible by untrusted code. Before executing any untrusted (unsigned) code, the VM sandbox is enabled which prevents all file primitives from accessing anything outside this folder. Once enabled, there is no way to disable the sandbox again. Only on the next start will it be disabled.
- Bert -
<hr size="4" width="90%">
This is interesting. How is the code signing done ?<br>