MobileRead Forums - View Single Post - opkg, opkg GUI and plans on package repository for Kindle Touch

JustAMan · 02-02-2012, 06:51 AM

Nyoxi,
Good to read this somewhere except IRC, keep up the good work man!

BTW I don't get what you mean by "security hole" if you do non-encrypted loop mount. It still would be almost always mounted, right? As I think this would be the place where you store installed stuff. Thus it would always be accessible from the KT to any application that has sufficient rights (however I believe everything there runs as root... if I were you I'd better look into running user stuff under non-root account first as it seems like much bigger hole than that somebody could plug Kindle to Linux PC and mount your loop partition and change it... if they're skilled enough to do this they're almost certainly skilled enough to get SSH over USB and mess with things on Kindle themselves)

And I would certainly be against installing anything from packaging system to root FS. If something went wrong with this soft and it broke my KT I can remove this loop mount file from USB drive, reboot and be safe, but if it's installed right into root FS I'm doomed. That is, I fully support your selected option of loop partition.

That possible breakage not that important for update.bin technology yet because most devs test their update.bins manually before uploading, but when you create some public repo there may be some, say, nightly updates and such.

P.S. I know Linux a bit, I know programming a bit (do not know GTK but I can learn if needed). I'm interested in giving you a hand when I have spare time. And I think there're many people around here who could give a hand, too.
So feel free to point where you need some help. I think that would benefit the project

02-02-2012, 06:51 AM	#3
JustAMan Groupie Posts: 153 Karma: 113 Join Date: Jan 2012 Location: Russia Device: Kindle Touch	Nyoxi, Good to read this somewhere except IRC, keep up the good work man! BTW I don't get what you mean by "security hole" if you do non-encrypted loop mount. It still would be almost always mounted, right? As I think this would be the place where you store installed stuff. Thus it would always be accessible from the KT to any application that has sufficient rights (however I believe everything there runs as root... if I were you I'd better look into running user stuff under non-root account first as it seems like much bigger hole than that somebody could plug Kindle to Linux PC and mount your loop partition and change it... if they're skilled enough to do this they're almost certainly skilled enough to get SSH over USB and mess with things on Kindle themselves) And I would certainly be against installing anything from packaging system to root FS. If something went wrong with this soft and it broke my KT I can remove this loop mount file from USB drive, reboot and be safe, but if it's installed right into root FS I'm doomed. That is, I fully support your selected option of loop partition. That possible breakage not that important for update.bin technology yet because most devs test their update.bins manually before uploading, but when you create some public repo there may be some, say, nightly updates and such. P.S. I know Linux a bit, I know programming a bit (do not know GTK but I can learn if needed). I'm interested in giving you a hand when I have spare time. And I think there're many people around here who could give a hand, too. So feel free to point where you need some help. I think that would benefit the project