[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Supexec/Super patch?
>>>>> "Sven" == Sven Karlsson <sven@it.lth.se> writes:
>> Very Bad Idea. This will break any program accessing the cookie jar, meaning
>> everything linked with the MiNT lib.
>>
>> Face it: you can't make it more secure without breaking almost everything.
> I agree. The only way avoiding super/supexec is to add shadows for some
> system variables in user accessable mem. (could be global accessable read only
> memory)
How do you update the shadows? I think a more common way to solve such
problems is to encapsulate the problematic variables, i.e. to
introduce accessor functions to get and/or set them. These functions
can switch to supervisor mode as they like, but switch back to user
mode before returning to the caller. This also provides some
abstraction, so that the internal representation or access method can
be changed without the need to change every program using it.
Hartmut
+-------------------------+-----------------------------------------------+
| Hartmut Keller | Internet: keller@informatik.uni-stuttgart.de |
| Inst. fuer Informatik +-----------------------------------------------+
| Breitwiesenstr. 20-22 | "If there's only one reason to live in this |
| 70565 Stuttgart | world, I'll find it!" (All About Eve) |
+-------------------------+-----------------------------------------------+