[openbeos] Re: status of OpenBeOS

  • From: Tom Young <ores@xxxxxxxxxxxx>
  • To: openbeos@xxxxxxxxxxxxx
  • Date: 04 May 2003 17:28:23 +1200

For running simple servers like web, http, ftp etc. All thats required
is that the user can't run any unallowed applications. I think if this
is a problem, then OpenBeOS R1 isn't the right solution. But take the
cvs example, if you give them a shell where all they can run is cvs,
then its as secure as cvs is, not ideal in the long term since any local
user overflow can then become 'root', but I would find this more than
acceptable for an R1. 

The only extra work that would be required would be setting up the
group/user access so that remote users don't have an privillage to
execute arbitary code, or code thats designed for the local user only. 
I think the effort would be in setting the permissions correctly in the
distro, and the code changes should be minimal, and could be confined to
userland programmes to set the correct mask.

Tom Young


Other related posts: