[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [MiNT] XaAES / GEM memory issues

> -----Original Message-----
> From:	Konrad M. Kokoszkiewicz [SMTP:draco@obta.uw.edu.pl]
> Sent:	Friday, January 12, 2001 4:51 PM
> To:	MiNT mailing list
> Subject:	RE: [MiNT] XaAES / GEM memory issues
> 
> Read Noah's mail. When I want to connect my machine to the network and
> provide even simple services for friends, I also want to be sure, that
> noone of my personal enemies (because I f.e. "stole" a gf of someone or he
> thinks so) could destroy that system not for stealing a valuable
> information, but just to make me problems.
> 
So don't give your personal enemies access to your machine ;-) I don't have
any enemies, atleast none that's capable of switching on a computer.
>  
> > OK, so if two processes needs this, let them do so.
> 
> If two, why not three?
> 
Or 20. Make it configurable. With some basic investigation it's very easy to
determine how many processes that needs this with MultiTOS (AES 4.0 and
4.1), N.AES, Geneva and XaAES. Write a couple of comments in mint.cnf or the
readme-file, telling the user what the "F_OS_SPECIAL" variable in mint.cnf
should be set to. But personally I don't think it's worth it. Leave it like
it is, or run without an AES and disable F_OS_SPECIAL completely if you're
really concerned.

> > The point is that once
> > the AES is started, nobody else can get this privilege.
> 
> How do you detect the exact very moment when the AES can already be
> considered "started" (and block the flag then)?
> 
It's not very difficult, call this every time F_OS_SPECIAL is requested:

if (f_os_special_count >= MAX_ALLOWED)
{
	shoot_intruder_in_foot();
	return;
}
else
{
	f_os_special_count++;
}

It means that F_OS_SPECIAL can be exploited before you start the AES. If you
write that in the docs the user can blaim himself if he gets hacked.

Jo Even Skarstein

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

This email with attachments is solely for the use of the individual or 
entity to whom it is addressed. Please also be aware that 
Vital Insurance/DnB Group cannot accept any payment orders or other 
legally binding correspondance with customers as a part of an email. 

This email message has been virus checked by the virus programs used 
in the Vital Insurance/DnB Group.

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *