[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [MiNT] XaAES / GEM memory issues



> -----Original Message-----
> From:	Konrad M. Kokoszkiewicz [SMTP:draco@obta.uw.edu.pl]
> Sent:	Friday, January 12, 2001 4:33 PM
> To:	MiNT mailing list
> Subject:	RE: [MiNT] XaAES / GEM memory issues
> 
> Last year I wrote three ones spending 20 minutes on it (including
> compiling). All of them gave root privileges for an ordinary user. I tried
> 
...and you obviously used it to steal valuable information from lots of
unsuspecting MiNT-users, right? I find it hard to believe that real world
scumbags would bother with something like this. There's simply nothing to
gain by it. It's far easier to hack Windows-machines, simply because there
are zillions of them on the net, each of them with zillions of security
holes. Then you can make it to the headlines.

> > Only one process should be allowed to have F_OS_SPECIAL. If somebody
> wants
> 
> Why? Who said both AESSYS and its screen manager or its whatever would not
> need that?
> 
OK, so if two processes needs this, let them do so. The point is that once
the AES is started, nobody else can get this privilege. And if you don't
want an AES, disallow F_OS_SPECIAL completely.

Jo Even Skarstein

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

This email with attachments is solely for the use of the individual or 
entity to whom it is addressed. Please also be aware that 
Vital Insurance/DnB Group cannot accept any payment orders or other 
legally binding correspondance with customers as a part of an email. 

This email message has been virus checked by the virus programs used 
in the Vital Insurance/DnB Group.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *