[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MiNT] Security again



Hi!

> If an API an be defined which works well with MiNT, it should be simple to
> make that work under the less protected OSes too. We don't want another of
> those APIs that needlessly create problems for memory protection, for example.

Hooking into traps make always problems with memory protection. It also
automatically reject any virtual addressrom concept.

> Yes, but since hooking into OS-traps is as low level as you can get, it
> definitely should be under _some_ kind of kernel control. If we can't do
> without it, we should at least try to make it a bit safer (for example
> only allow it for programs running as root and perhaps automatically
> unlink if a program exits without staying resident).

This don't help at all. The concept is the critical point. And it's
broken. So any restriction is a patch but the problem is the same.


Tschuess
   ...Frank

--
ATARI FALCON 040 // MILAN 040
--------------------------------------
Internet: fnaumann@cs.uni-magdeburg.de
Mausnet:  Frank Naumann @ B2