[openbeos] Re: OBOS Security
- From: "Scott MacMaster" <zqxh@xxxxxxx>
- To: <openbeos@xxxxxxxxxxxxx>
- Date: Wed, 7 Aug 2002 16:23:24 -0400
> > I generally think that the best way to solve this, is to let the
> > application tell whether or not it wants messages from outside it's team
> > - and if it wants those, then just from specific applications (though
> > this could probably be faked/spoofed).
>
> So, like a BUserFilter, which looks at incoming messages and judges
> whether or not the uid of a message is acceptable to the looper in
> question.
>
> Of course, that doesn't stop a malicious program from flooooding a port
> with messages to slow it down/force incoming messages to drop (though
> I'm not sure it would crash it/cause information leaks) -- sort of a DOS
> attack on the internals of the OS.
I don't think a system level solution would prevent this either because then
the system would get bogged down. Well, unless the system decides to kill
the process sending all the messages.
Scott MacMaster
-------------------------------------------
Introducing NetZero Long Distance
Unlimited Long Distance only $29.95/ month!
Sign Up Today! www.netzerolongdistance.com
Other related posts:
