home *** CD-ROM | disk | FTP | other *** search
- From: bousch@topo.matups.fr (Thierry Bousch)
- Subject: Security in MiNT
- Date: Sat, 7 May 1994 21:50:11 +0200 (MET DST)
- In-Reply-To: <9405071118.AA03935@pirol.techfak.uni-bielefeld.de> from "itschere@TechFak.Uni-Bielefeld.de" at May 7, 94 01:18:30 pm
-
- Hello Torsten,
-
- > I'm currently implementing the getauid/setauid system calls to MiNT, and I
- > know someone who is working on the supplementary group calls getgroups/set-
- > groups. I know there're people outside thinking security under MiNT is a
- > joke, but first you'll never get it if you don't try and second someone
- > might like the functionality of a user belonging to several groups.
-
- There are some security holes which will be difficult to plug. For
- instance, any user process can call Super(0L) to switch the
- microprocessor into supervisor mode, raise the IPL mask to seven, and
- enter a tight loop (or even nastier). Nice, isn't it?
-
- Of course, you could think of making Super() and Supexec() usable only
- by root, but since the MiNTlibs need one of these functions to scan the
- cookie jar (and test for the presence of MiNT), it's not realistic.
-
- You'll note too that even effective uids/gids are not handled properly
- by MiNT and its filesystems; often setuid programs are unable to remove
- files which they have created -- this has already been discussed...
-
- Thierry.
-