On Wed, 7 Aug 2002, Brian Matzon wrote: > FYI: > http://security.tombom.co.uk/shatter.html > > Rather interresting flaw, which makes it possible to send any message to > any window, and then exploiting it. > > Much like Hey, and Scripting ;) > > I am intentionaly sending this to the OBOS list instead of GE, since > this could be something we'd like to change for R1. This doesn't really make any sense for R1. The logged in user is always root, so there is actually no need for any hacker to elevate their privileges. For real multi-user, there are a couple of security issues to deal with, and ports (on which messaging is based) are one of them. One could for instance restrict sending data to/reading them from ports to teams with sufficient rights. This will require some further thoughts about daemons like the app_server or the registrar, which (at least the former) will need root privileges, but will also need to communicate with user apps. However, unless I misinterpret Michaels answer to a multi-user related question in the IRC Q&A session, *real* multi-user isn't a goal for OBOS anyway (though I personally think, that's a pity). CU, Ingo