We have moved to a new Sailfish OS Forum. Please start new discussions there.
1

Taking vi out as a security measure?!! [answered]

asked 2019-04-07 23:45:35 +0200

Vincent gravatar image

updated 2019-04-08 09:55:02 +0200

jiit gravatar image

Vi is just another text editor, like many graphical text editors. And i happen to prefer this cli editor above any other graphical one. Yet Sailfish chooses to add it to developer mode and removes it when you go out of developor mode. That is wrong, because having an editor or not has nothing to do with security. Security is a case for the individual files to defend themselves. I can edit nemo files with any graphical editor, but i am not allowed to use vi for that?!!

Such concept of security is of the mindset of a webscribbler who thinks that if he makes an url complex enough, no one is going to guess it. Utter nonsense of course. So i urge the Sailfish developers to quit removing vi as a "security" measure.

edit retag flag offensive reopen delete

The question has been closed for the following reason "the question is answered, an answer was accepted" by nthn
close date 2019-04-08 22:22:57.672819

Comments

What do you mean 'go out of developer mode'?

r0kk3rz ( 2019-04-08 02:20:01 +0200 )edit

In settings there is an option developer mode. You can turn it on and off. I sometimes use it to install basic programs from the base repository, like less or rsync. When i am done, i turn it off again. Turning it off is what you are asking.

Vincent ( 2019-04-08 10:03:47 +0200 )edit
1

vi runs on a terminal which is also installed when development mode is enabled. Although powerful, handling vi escape commands from a mobile phone terminal is cumbersome, there are other text editor apps, such as "Editor", that are easier to use for basic text editing.

pmelas ( 2019-04-08 11:37:03 +0200 )edit
4

Enabling developer mode installs packages, disabling it removes those packages, that's how it works. Its not quite flipping a simple switch

r0kk3rz ( 2019-04-08 11:59:32 +0200 )edit

3 Answers

Sort by » oldest newest most voted
3

answered 2019-04-08 11:19:39 +0200

Nekron gravatar image

Developer mode != zypper | pkcon, i.e. if you turn it on it installs tools needed for developing, if you turn it off tools are removed like uninstalling an IDE on your PC. So, what's wrong with that? I would be more worried if artefacts of installed packages left uninstalled.

edit flag offensive delete publish link more
2

answered 2019-04-08 11:29:30 +0200

Maus gravatar image

updated 2019-04-08 11:30:33 +0200

You could argue that it's wrong to package vi with those tools coming in developer mode. But I think it's not OK to guesstimate why it's being done like it is now. I don't believe in your "security measure" postulation.

You could ask for vi coming per default with the phone, decoupling it from developer mode. That would be more sensible.

edit flag offensive delete publish link more
1

answered 2019-04-08 12:32:22 +0200

Nova gravatar image

How can you use vi without the terminal? (While Developer mode is disabled) I would suggest leaving Developer mode enabled and disable "Remote connection", you cannot use root account without "Remote connection" active and a password set. Sailfish is aiming to be user-friendly to basic users and also technically minded users. Basic users do not want to and should not have to use a terminal or cli tools.

edit flag offensive delete publish link more

Comments

2

Easy, install a terminal like ToeTerm. Vi is nothing but a text editor and unrelated to any super mode. I have to be on many Linux distro's with different desktops and menus, and on macs. Instead of loosing a lot of time searching through menus, i grab a terminal and can do everything i need to do in a consistent manner. For consitency it is important to use commands and programs that are always there. Vi is one of such basic programs. I have never been on a system where vi is hidden for users. So i did not expect Sailfish to hide it from me while being a user. It should not be necessary to lower protection (developer mode) in order to use a basic text editor. I hope to have explained that using a terminal is what is user friendly to me.

Btw, i specifically bought a Gemini PDA in order to have a clean screen (no soft keyboard in the way), so i can operate cli like on a desktop.

Vincent ( 2019-04-08 13:04:10 +0200 )edit
5

aside from the SSH server, theres no 'lower protection' with developer mode on. and you can disable the ssh server if you want, you're not suddenly running as root or anything like that

r0kk3rz ( 2019-04-08 15:29:45 +0200 )edit

@r0kk3rz, when you say "theres no 'lower protection' with developer mode on", did you consider /etc/connman/firewall.d/00-devmode-firewall.conf?

A.Maretzek ( 2019-04-09 01:02:37 +0200 )edit

Question tools

Follow
3 followers

subscribe to rss feed

Stats

Asked: 2019-04-07 23:45:35 +0200

Seen: 562 times

Last updated: Apr 08 '19

Related questions

[Fixed in 1.0.3.8] Crash when linking contacts? [not relevant]

Time slider usage in video player of Gallery app causes the app to hang [duplicate]

QAudioOutput isn't integrated with system volume and libresource like QMediaPlayer

Bug: E-Mail synchronization does not work as configured [released]

Word prediction should be always turned off when entering passwords in Android apps [released]

[Implemented in 1.0.3.8] Poor Polish translation in Sailfish Twitter event feed makes ugly UI issue [answered]

Don't enforce focus to textfield [answered]

[Implemented in 1.0.3.8] Email: Honour Reply-To header [answered]

Bug: Having to delete e-mails twice [answered]

Bug: Virtual keyboard stuck on top of applications

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49