[haiku-bugs] Re: [Haiku] #16610: app_server: crash when running application from another user
- From: "Haiku" <trac@xxxxxxxxxxxx>
- To: undisclosed-recipients: ;
- Date: Thu, 19 Nov 2020 16:52:35 -0000
#16610: app_server: crash when running application from another user
---------------------------------+----------------------------
Reporter: X512 | Owner: axeld
Type: bug | Status: new
Priority: normal | Milestone: Unscheduled
Component: Servers/app_server | Version: R1/Development
Resolution: | Keywords:
Blocked By: | Blocking:
Platform: All |
---------------------------------+----------------------------
Comment (by waddlesplash):
> Multiple app_servers will require separate server to handle graphics
> hardware.
We should have that anyway, so that we can have "remote desktop" users
connected to a machine with app_servers that are not connected to the
display output, and some who are.
> Running multiple user sessions fully secure is not possible without
> approach like Genode or each session in virtual machine.
What does "fully secure" mean here? Obviously there will be some things
that are unfixable, sure, but using separate processes for separate users
solves a ton of problems right up front (for example, there is only one
clipboard at present, and if we have multiple app_servers/registrars the
code can stay mostly the same, vs. much more complicated logic for per-
user clipboards.)
> for example device_manager that I recently checked.
I am not sure how much of that comment still applies, as the code now uses
user_memcpy and appears to reject non-user pointers. Regardless, there are
certainly lots of kernel issues to fix indeed, and things that should be
redesigned there, too, with security more in mind. We should do the same
in userspace.
> user processes (second launch_daemon and everything it launch) should
> run from separate user, not superuser
There are already multiple launch_daemons: one "master" to control the
whole system, and then one per desktop session (as there is presently only
one, for the root user, both processes of course run as root.)
--
Ticket URL: <https://dev.haiku-os.org/ticket/16610#comment:5>
Haiku <https://dev.haiku-os.org>
The Haiku operating system.