[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Supexec/Super patch?
> >what do you think, it is a reasonable idea to patch these functions to be
> >root only and release a beta kernel to test with existing software?
>
> Very Bad Idea. This will break any program accessing the cookie jar, meaning
> everything linked with the MiNT lib.
>
> Face it: you can't make it more secure without breaking almost everything.
I agree. The only way avoiding super/supexec is to add shadows for some
system variables in user accessable mem. (could be global accessable read only
memory) And add a flag in the prg header to control super/supexec behaivour.
However this isn't trivial.
Regards
Sven