[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Supexec/Super patch?

To: Sven Karlsson <sven@it.lth.se>
Subject: RE: Supexec/Super patch?
From: "Konrad M.Kokoszkiewicz" <draco@mi.com.pl>
Date: Mon, 1 Sep 1997 17:04:47 +0200 (MET DST)
Cc: mint@atari.archive.umich.edu
In-reply-to: <9708311003.AA01656@merlin.it.lth.se>

> > >what do you think, it is a reasonable idea to patch these functions to be
> > >root only and release a beta kernel to test with existing software?
> > 
> > Very Bad Idea. This will break any program accessing the cookie jar, meaning 
> > everything linked with the MiNT lib.
> > 
> > Face it: you can't make it more secure without breaking almost everything.
> 
> I agree. The only way avoiding super/supexec is to add shadows for some
> system variables in user accessable mem. (could be global accessable read only
> memory) And add a flag in the prg header to control super/supexec behaivour.

Shadowing would need PMMU programming, right? Or a patch for BUSERR
handler to emulate vital system variables in user address space...?

Konrad M.Kokoszkiewicz

mail:draco@nidus.mi.com.pl
     draco@irc.pl
     draco@piwo.bl.pg.gda.pl
     conradus@avanti.orient.uw.edu.pl
     conradus@plearn.edu.pl
     draco@nuova.id.uw.edu.pl
http://www.orient.uw.edu.pl/~conradus/
 IRC:[Draco]

*** Ea natura multitudinis est,
*** aut servit humiliter, aut superbe dominatur.
*************************************************
*** U pospolstwa normalne jest, ze albo sluzy ono
*** unizenie, albo bezczelnie sie panoszy.
                                           (Liv. XXIV, 25)

Prev by Date: zsh 3.0.4 for MiNT
Next by Date: RE: Supexec/Super patch?
Previous by thread: Re: Cookie jar patch for Supexec/Super patch?
Next by thread: Re: Supexec/Super patch?
Index(es):
- Date
- Thread