[openbeos] Re: OBOS Security
- From: Ingo Weinhold <bonefish@xxxxxxxxxxxxxxx>
- To: openbeos@xxxxxxxxxxxxx
- Date: Wed, 7 Aug 2002 15:10:02 +0200 (MET DST)
On Wed, 7 Aug 2002, Brian Matzon wrote:
> FYI:
> http://security.tombom.co.uk/shatter.html
>
> Rather interresting flaw, which makes it possible to send any message to
> any window, and then exploiting it.
>
> Much like Hey, and Scripting ;)
>
> I am intentionaly sending this to the OBOS list instead of GE, since
> this could be something we'd like to change for R1.
This doesn't really make any sense for R1. The logged in user is always
root, so there is actually no need for any hacker to elevate their
privileges.
For real multi-user, there are a couple of security issues to deal with,
and ports (on which messaging is based) are one of them. One could for
instance restrict sending data to/reading them from ports to teams with
sufficient rights. This will require some further thoughts about daemons
like the app_server or the registrar, which (at least the former) will
need root privileges, but will also need to communicate with user apps.
However, unless I misinterpret Michaels answer to a multi-user related
question in the IRC Q&A session, *real* multi-user isn't a goal for OBOS
anyway (though I personally think, that's a pity).
CU, Ingo
Other related posts:
