home *** CD-ROM | disk | FTP | other *** search
- From: Stephen Henson (CSM) <shenson@camborne-school-of-mines.ac.uk>
- Date: Sat, 17 Apr 93 14:08:18 BST
- Message-Id: <3598.9304171308@csm.ac.uk>
- To: mint <mint@terminator.rs.itd.umich.edu>
- Subject: MiNT security ?
-
- With Eric's recent addition of superuser privs needed for Tsetdate etc. (MiNT
- 1.05), I think a few more additions are needed. Security is a joke without
- memory protection anyway. At present *with* memory protection its a joke as
- well ...
-
- Here's a list of functions that immediately spring to mind which
- should require root privs to use:
-
- Super(),Rwabs(),Setexc(),Floprd(),Flopwr(),Flopfmt(),Mfpint(),Xbitimer(),
- Supexec().
-
- Roughly speaking, these allow access to supervisor mode, in some
- way, or allow manipulation of disk data. Since the device driver installation
- calls allow this too, they should be root only as well.
-
- Others could merely be used to be a pain (!) by resetting certain
- info or crashing the system. Some of these are:
-
- Tsetdate(),Tsettime(),Initmous(),Setscreen(),Setpallette(),Setcolor(),Rsconf(),
- Keytbl(),Cursconf(),Scrdmp(),Settime(),Jdisint(),Jenabint(),Giaccess(),
- Offgibit(),Ongibit(),Dosound(),Setprt(),Kbrate().
-
- Anyway, no doubt others can think up a few I've missed. Lots of other
- ways exist to bypass security with ease, e.g. add your own installable filesys
- (which would be on an unprotected TOS partition) or hacked version of MiNT.
- This could be got round by allowing MiNT/minixfs to boot from a minix partition
- (not as paradoxical as it sounds), which currently can't be done (anyone who
- draws the conclusion from this that I would thus want (a) minixfs to be able
- to completely replace all tos filesystems (b) become more 'official' and
- (c) get some money for it, can only have my complete assurance that they are
- probably right :-) ).
- Regards all, Steve.
-
