Thread: opkg, opkg GUI and plans on package repository for Kindle Touch
View Single Post
Old 02-13-2012, 08:27 AM   #9
Nyoxi
Connoisseur
Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.Nyoxi can talk all four legs off a donkey... then persuade it to go for a walk.
 
Posts: 55
Karma: 124493
Join Date: Jan 2012
Device: Kindle Touch
Quote:
Originally Posted by JustAMan View Post
Any progress or help needed? Seems like this topic was quiet for quite a long time...
Sorry, no progress. I've been busy with other things, hopefully this week will be better.

Quote:
Originally Posted by JustAMan View Post
Nyoxi,
BTW I don't get what you mean by "security hole" if you do non-encrypted loop mount. It still would be almost always mounted, right? As I think this would be the place where you store installed stuff. Thus it would always be accessible from the KT to any application that has sufficient rights (however I believe everything there runs as root... if I were you I'd better look into running user stuff under non-root account first as it seems like much bigger hole than that somebody could plug Kindle to Linux PC and mount your loop partition and change it... if they're skilled enough to do this they're almost certainly skilled enough to get SSH over USB and mess with things on Kindle themselves)
I wasn't talking about danger from the applications, but of course running them not under the root account is something we should definitely consider. Neither did I mean the case where somebody takes your kindle to do evil stuff to it (because at that point there's not much anybody can do about it). My point was only concerning malicious software on the host computer.

But you made me think again about all this encryption stuff and whether it's really worth the effort. Because with those data.tar.gz jailbreaks all you have to do is trick the user to restart their kindle. And that's not so difficult.

Quote:
And I would certainly be against installing anything from packaging system to root FS. If something went wrong with this soft and it broke my KT I can remove this loop mount file from USB drive, reboot and be safe, but if it's installed right into root FS I'm doomed. That is, I fully support your selected option of loop partition.
Yes, I totally agree. Writing directly to the root FS could be dangerous. Also being able to fix things when something breaks just by deleting the loop file is great. But in some cases you cannot avoid modifying the files in root FS and that's why having the root FS overlay is so beautiful. It's a win-win situation: you are able to modify the files on root FS without touching the root FS.

Quote:
That possible breakage not that important for update.bin technology yet because most devs test their update.bins manually before uploading, but when you create some public repo there may be some, say, nightly updates and such.
Of course this is something we will have to deal with. My idea is to have more than one repository. One repository with tested and safe apps/hack that common (non-geek) users could use. Only selected group of reliable people would be able to push packages into this repository. Second some testing repo for experienced users who are not afraid to experiment. It would contain stuff that is known (more or less) to work. Also testing of new versions of applications would happen here. And third, some highly experimental repository for all the new hacks/apps. Or devs could make their own small repositories instead of having the third repo. That's my idea of it.

Quote:
P.S. I know Linux a bit, I know programming a bit (do not know GTK but I can learn if needed). I'm interested in giving you a hand when I have spare time. And I think there're many people around here who could give a hand, too.
So feel free to point where you need some help. I think that would benefit the project
I think having good experience with Linux and shell scripting is essential at this point. What you (or somebody) could do to help is:
  1. Look for the buildroot that we could use. Something that would be easy to set up and which would provide good support for writing package build scripts. I was thinking about Openembeded. Taking the framework from the OpenWrt and strip it down to things that are necessary or useful to us is also an option. Or if someone has any other tips feel free to entertain me.
  2. Maybe write an init script that would load the necessary modules and mount the loop file. It might do some sanity checks to make sure it's safe to mount the loop file or check for some file in /mnt/us that would allow user to skip the mounting. (Or maybe even something else ... thoughts/suggestions?)
Last edited by Nyoxi; 02-13-2012 at 08:31 AM. Reason: fixing typos
Nyoxi is offline   Reply With Quote