[haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private

• From: "Haiku" <trac@xxxxxxxxxxxx>
• To: undisclosed-recipients: ;
• Date: Tue, 09 Jun 2020 15:56:12 -0000

#16219: Move headers needed for decorator add-on to headers/private
---------------------------------+----------------------------
  Reporter:  X512                |      Owner:  stippi
      Type:  enhancement         |     Status:  new
  Priority:  normal              |  Milestone:  Unscheduled
 Component:  Add-Ons/Decorators  |    Version:  R1/Development
Resolution:                      |   Keywords:
Blocked By:                      |   Blocking:
  Platform:  All                 |
---------------------------------+----------------------------
Comment (by pulkomandy):

In addition, I’d once again like to argue that I don’t feel that out-of-

 tree source code should be using headers from headers/private, as once
 again, those apis are “volatile”.

 As waddlesplash mentionned, there is a precise rule as to what gets into
 private/ and published to the image precisely to avoid problems.

 The idea is that we have a libshared.a which is statically linked, and
 everything that goes in there is also in the BPrivate namespace. As a
 result, compiled apps embed this code and will continue to run fine in
 future Haiku versions. We use this as a kind of staging area for work in
 progress APIs in a safe way, and when we think the API design is done we
 can move these things out of libshared to the appropriate kits.

 This of course doesn't work for the decorators.

 As for moving the add-ons to a separate server, would that work? You'd
 have to set up an IPC to call everytime you want to draw something, right?
 What is the performance and complexity cost of this? What happens if the
 app_addon_server crashes? What if a malicious add-on messes up with the
 IPC in some way? What if it draws a fake password prompt and manages to
 intercept keystrokes in some way?

 I'm not sure we can easily solve this, except by not allowing decorator
 and control look add-ons at all. In any case it needs more thinking and
 careful design, and certainly a lot more major changes if we want to have
 some kind of security here.
-- 
Ticket URL: <https://dev.haiku-os.org/ticket/16219#comment:8>
Haiku <https://dev.haiku-os.org>
The Haiku operating system.

• References:
  • [haiku-bugs] [Haiku] #16219: Move headers needed for decorator add-on to headers/private
    • From: Haiku

Other related posts:

• » [haiku-bugs] [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private - Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku
• » [haiku-bugs] Re: [Haiku] #16219: Move headers needed for decorator add-on to headers/private- Haiku

1. Home
2. haiku-bugs
3. Archive
4. 06-2020

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---