[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MiNT security holes?



On Fri, 29 Aug 1997, Konrad M.Kokoszkiewicz wrote:

> > there was some time a discussion whether Super or Supexec should be
> > root-only, but that would break almost all programs.
> Ehh, no... Supexec() and Super() can be root only, because programs using
> these functions mostly run in GEM, GEM is a root and can be started only
> by the root, so everything is OK. If a TOS/TTP program uses these
> functions, it can be always started under MINIWIN or TOSWIN (from GEM).
> 
> I think such a limitation could be reasonable.

Even MiNTlib uses Supexec() to get _hz_200 from gemdos variables which 
can only be accessed in supervisor. Just checked and found out that MiNT 
cookie is search for every time program is started which too can only be 
done in supervisor. So every program that has been linked with MiNTlib 
would not work when run anybody else than root. Or am I missing something?