[interfacekit] Re: App_server security
- From: "Axel Dörfler" <axeld@xxxxxxxxxxxxxxxx>
- To: interfacekit@xxxxxxxxxxxxx
- Date: Wed, 17 Sep 2003 18:04:52 +0200 CEST
"DarkWyrm" <bpmagic@xxxxxxxxxxxxxxx> wrote:
> After a conversation at the end of the last administrative meeting, I
> was wondering something about the current decorator scheme which never
> even dawned on me - security. Should we have addons in the app_server
> at all aside from accelerants? If so, how "trusted" should the access
> be? To be a little more specific, I mean that, for example, there is a
> function which returns a pointer to the graphics driver. Should
> decorators be allowed to access this pointer or should there be proxied
> access to it, for fear of doing absolutely stupid things like calling
> delete on it? Decorators at this point can't do something crazy like
> delete all running apps or something, but I wondered if this kind of
> thing is a legitimate concern. Thoughts?
I don't think we have to consider security as that important right now.
When an add-on is loaded, it has all sorts of powers anyway, like
crashing the app_server.
That said, I think that the installation of this sort of add-on
(exactly like kernel drivers) should require root access to the machine
- and that comes into play when we introduce a true multi-user
approach. That kind of security probably shouldn't bother us before.
Adios...
Axel.
- References:
- [interfacekit] App_server security
- From: DarkWyrm