Set the correct pemissions of the browse profile

[erikos]

After having done the parts for 5221 (moving the profile to $SAR/data) we now need to set the correct permissions for the profile content. This effects for example the OLPC Root certificate. Suggested by m_stone was:

<m_stone> erikos: short-term #1: stick the profile dir in $SAR/instance, and manually copy the parts you want to share into $SAR/data with appropriate permissions. Then copy them back out when you want them again.

<m_stone> erikos: short-term #2: store the profile-dir in $SAR/data and manually clean up the permissions either by a) patching moz so they're correct to start, b) using an LD_PRELOAD library that assigns correct perms, or c) simply cleaning up the mess in the activity code shortly after the files are created

[cjb]

Could we get a "the result of this is that <x> doesn't work"? :)

[erikos]

As a result of this you can for example not access olpc signed web sites. Other things will show up.

For example some files are not only modified but created during usage like the pluginreg.dat (Registration of plugin mimetypes), which leads us to why 1 and 2c are not working since you do not know which files are created and when. I think handling the permissions right in mozilla is a sane way.

We should discuss this with mozilla devs though before patching mozilla.

[erikos]

#5489 has a patch to fix this, implemented is: http://wiki.laptop.org/go/Concurrent_activity_instances

[marco]

Marking as a dup of #5489 then