[haiku-commits] Re: r41581 - in haiku/trunk: headers/private/interface src/add-ons/decorators/BeDecorator src/add-ons/decorators/MacDecorator src/add-ons/decorators/SATDecorator src/add-ons/decorators/WinDecorator ...

  • From: Rene Gollent <anevilyak@xxxxxxxxx>
  • To: haiku-commits@xxxxxxxxxxxxx
  • Date: Thu, 19 May 2011 23:48:52 -0400

On Thu, May 19, 2011 at 8:03 PM, David McPaul <dlmcpaul@xxxxxxxxx> wrote:
> How is this different to what was there before?
>

Previously, only a name was given, which the app_server loaded from a
fixed location, namely the decorator add-ons folder. The interface now
lets you give it a path to any arbitrary location on disk, which is
more or less asking for malware, since that opens the door for a
downloaded app to ask the app_server to load it as an add-on and then
consequently execute malicious code with OS-level privileges
(previously such a scenario wouldn't have been possible unless the
user went out of their way to save the executable in question in the
decorator add-on dir). While not strictly an issue right now since
that's the same privilege level the single user of the sys has
anyways, once we go multiuser that kind of vector is unacceptable
security-wise.

Regards,

Rene
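
The difference described in the message above, as an added example that is not part of the original post and is not Haiku's app_server code: a loader that accepts only a bare add-on name and resolves it inside one fixed directory refuses a path to a file elsewhere on disk. `ResolveDecorator`, `Canonical`, `Demo` and the temporary paths are hypothetical names constructed for the illustration.

```cpp
// Added example, not Haiku source; all names and paths here are hypothetical.
#include <climits>
#include <cstdlib>
#include <fstream>
#include <string>
#include <sys/stat.h>
#include <unistd.h>

// Canonical form of a path (symlinks, "." and ".." resolved); "" on failure.
static std::string Canonical(const std::string& path)
{
	char buffer[PATH_MAX];
	return realpath(path.c_str(), buffer) != NULL ? std::string(buffer) : "";
}

// Accept only a bare file name that resolves to a regular file directly
// inside addOnDir. Returns the path to load, or "" to refuse the request.
std::string ResolveDecorator(const std::string& addOnDir, const std::string& name)
{
	if (name.empty() || name == "." || name == ".."
		|| name.find('/') != std::string::npos)
		return "";	// a path, not a name
	std::string base = Canonical(addOnDir);
	if (base.empty()) return "";
	std::string expected = base + "/" + name;
	if (Canonical(expected) != expected)
		return "";	// missing, or a symlink leading out of the directory
	struct stat st;
	if (stat(expected.c_str(), &st) != 0 || !S_ISREG(st.st_mode))
		return "";
	return expected;
}

// Constructed fixture; returns one char per request: 'A' accepted, 'R' refused.
std::string Demo()
{
	char tmpl[] = "/tmp/decor_demo_XXXXXX";
	if (mkdtemp(tmpl) == NULL) return "";
	std::string root = tmpl, dir = root + "/decorators";
	mkdir(dir.c_str(), 0755);
	std::ofstream(dir + "/BeDecorator") << "add-on";
	std::ofstream(root + "/downloaded") << "untrusted";
	if (symlink((root + "/downloaded").c_str(), (dir + "/link").c_str()) != 0) return "";
	const char* requests[] = { "BeDecorator", "../downloaded", "link", "Missing" };
	std::string result;
	for (const char* request : requests)
		result += ResolveDecorator(dir, request).empty() ? 'R' : 'A';
	return result;
}
```

The check only means something if the add-on directory is writable solely by the privileged user, and it does not close the window between the check and the actual load.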
