[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MiNT] Security again

To: mint@fishpool.com
Subject: Re: [MiNT] Security again
From: Frank Naumann <fnaumann@csmd2.cs.uni-magdeburg.de>
Date: Thu, 2 Dec 1999 14:34:19 +0100
In-reply-to: <199912021325.OAA07895@haddock.cd.chalmers.se>
Sender: owner-mint@fishpool.com

Hi!

> > That's just a fake control. If you can override any trap you can override
> > the complete system, Ssystem() too.
> 
> Yes, but as I said, you wouldn't give this ability to just any program.
> If you want, make it restricted to 'formerly before MiNT, AUTO-folder'
> programs and you have exactly the same as right now, only with some degree
> of kernel control and much better system call efficiency.

And in what way you decide if such a program have the right permissions?
And it don't solve the problem itself. It only workaround some
sideeffects.

> cases where it _currently_ would step into supervisor mode or otherwise
> change vectors on its own (Setexec()?).

Setexc() is a system call. So MiNT have control over it ...

> _Some_ system control is surely better than _no_ control?

You win *eventual* _some_ control but loose any security mechanism and
loose a lot more stability as it's good.

> No. As I outlined the TraPatch-like functionality you wouldn't loose
> _anything_ from what we have now. You would only gain.

Sorry, I can't agree.

> Granted, this isn't how TraPatch itself works, but then that wasn't a
> MiNT kernel call.
> I have no idea how the proposed version for MiNT looked, but that isn't
> what I'm talking about here, anyway.

You can look for the rejected trapatch version in the rejected folder.
And, it was a system call.

> > application code you never have any control.
> 
> Currently we don't have any control over what you call parts of the kernel
> (that is, the AUTO-folder stuff that runs before MiNT), which is one of the
> things I'd like to do something about. The other is system call efficiency.

No, you can't override the system at the moment. If MiNT run all
GEMDOS/BIOS/XBIOS functions are under control of MiNT.

Your idea is to (explicitly) give up that control.


Tschuess
   ...Frank

--
ATARI FALCON 040 // MILAN 040
--------------------------------------
Internet: fnaumann@cs.uni-magdeburg.de
Mausnet:  Frank Naumann @ B2

Follow-Ups:
- Re: [MiNT] Security again
  - From: Johan Klockars <rand@cd.chalmers.se>
- [MiNT] Security again
  - From: Joerg_Westheide@su.maus.de (Jörg Westheide)

References:
- Re: [MiNT] Security again
  - From: Johan Klockars <rand@cd.chalmers.se>

Prev by Date: Re: [MiNT] Security again
Next by Date: [MiNT] MP on CT2
Previous by thread: Re: [MiNT] Security again
Next by thread: Re: [MiNT] Security again
Index(es):
- Date
- Thread