[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: MiNT security holes?



> >When running MiNT with memory protection on (can't test this because
> >I got only STfm), can user start a non-setuid root program with `super'
> >memory access priviledges (ie. program would be able to write all over
> >memory)?
> 
However this type of mem prot "limitations" are present in several other
oses as well.

> Yes. There is no REAL security in MiNT.
                   ^^^^^^^^^^^^^

Ehrm. I wouldn't call features in the mem prot for security
holes. MiNT isn't a safe system in the sence that it is rather
easy to crack if you have physical access to the computer.

The above mentioned feature of the mem system only affect the
stability of the system and in MiNT's case is rather vital for
TOS compability. It does however also simplify the design of
trojan horses.

When it comes to network security (remote logins into the MiNT system
etc) MiNT isn't any less secure than any other os. The security in this
aspect comes from proper operation of network deamons and network clients
which in MiNT's case isn't really a part of MiNT itself.

Regards
 Sven