[haiku-bugs] Re: [Haiku] #16610: app_server: crash when running application from another user
- From: "Haiku" <trac@xxxxxxxxxxxx>
- To: undisclosed-recipients: ;
- Date: Thu, 19 Nov 2020 16:37:09 -0000
#16610: app_server: crash when running application from another user
---------------------------------+----------------------------
Reporter: X512 | Owner: axeld
Type: bug | Status: new
Priority: normal | Milestone: Unscheduled
Component: Servers/app_server | Version: R1/Development
Resolution: | Keywords:
Blocked By: | Blocking:
Platform: All |
---------------------------------+----------------------------
Comment (by X512):
I think we should just start separate app_servers for separate user
sessions.
I prefer single global `app_server` because it is more resource efficient
and easier to manage. Multiple app_servers will require separate server to
handle graphics hardware. Running multiple user sessions fully secure is
not possible without approach like Genode or each session in virtual
machine.
due to how much state app_server manages and how easy it will always be
for data to get innocently "mixed up", or (worse) an actual bug causes an
information leak
Bugs should be fixed. Compared to win32k.sys or X.Org, app_server has
clear architecture and it is possible to introduce proper permissions
check. Currently Haiku kernel probably has more security issues, for
example [
https://git.haiku-
os.org/haiku/tree/src/system/kernel/device_manager/device_manager.cpp#n428
device_manager] that I recently checked.
For first step, user processes should run from separate user, not
superuser (as visible on
[
https://raw.githubusercontent.com/X547/HaikuUtils/master/SystemManager/Screenshot.png
screenshot], all processes run with user 0) and privilege elevation should
be used for administrative actions.
--
Ticket URL: <
https://dev.haiku-os.org/ticket/16610#comment:4>
Haiku <
https://dev.haiku-os.org>
The Haiku operating system.
Other related posts:
