[openbeos] Re: status of OpenBeOS

  • From: "Axel Dörfler" <axeld@xxxxxxxxxxxxxxxx>
  • To: openbeos@xxxxxxxxxxxxx
  • Date: Mon, 05 May 2003 02:13:58 +0200 CEST

"Ingo Weinhold" <bonefish@xxxxxxxxxxxxxxx> wrote:
> > So. The question then becomes how do we prevent all of that in the 
> > context of not changing the nature of the beast?
> That's the question, right. And I wouldn't want to put it aside doing 
> it `the easy way' instead, without seriously analyzing the problem. I 
> don't say, I have solutions, I just say, what I'd like the OS to be 
> capable of.

When it comes to create a solution for this (most of the issues 
shouldn't be too hard to solve with proper access rights for teams), 
count me in :-)
I do want to have an as secure (multi-user) OS as possible given the 
constraints set by the BeOS compatibility (I could probably live with 
letting some apps break).

> > What's this? No parties! Back to work! Don't make me lock you up 
> > with 
> > Axel in BGA's basement... ;-)
> Er, well, yes, I'm really sorry. ;-)

Well, here is plenty of space :-D

> > I use my Win2K machine at work to telnet into a gazillion Solaris 
> > servers. I would call that serious networking. But there are no 
> > network 
> > services on my W2K machine. :-) What you really do is draw a hard 
> > line 
> > on what is a server and what is a workstation. 
> That's the point. As a client OS Windows and BeOS work well enough. 
> But 
> I wouldn't want OBOS to end up like Windows, where you can relatively 
> easily get localsystem rights when having access to the machine as 
> any 
> user.

No, Windows isn't that bad with it (the NT line, of course); it is 
pretty secure - and it's kernel is very similar to ours (in many design 
decisions), so I hope we can borrow some concepts from there.
Of course, if there is room for improvement, we should make use out of 
it.

> If you can clone arbitrary root processes' areas and happily send 
> messages to their ports, it shouldn't be too hard to gain superuser 
> rights and access anything you want.

It will probably be hard not to allow anyone to send messages to other 
ports, but at least the clone_area() part should be pretty easy to 
solve ;-)

Adios...
   Axel.

Other related posts:

  1. Home
  2. haiku
  3. Archive
  4. 05-2003