Lists

Open Menu Close Menu

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Patching an application (long)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patching an application (long)

Subject: Re: Patching an application (long)
From: Chris Hanson <email@hidden>
Date: Thu, 16 Jan 2003 14:52:41 -0600

At 10:22 AM -0800 1/16/03, Buddy Kurz wrote:

I'm not usually paranoid (no matter what they say) but I would prefer that my trusted applications remain trustworthy!
Any thoughts or reassurances on this?

It is a serious security problem.

My hope is that Apple will fix it, perhaps by only allowing non-root tools signed with a special private key to manipulate other processes' address spaces without a warning dialog of some sort. (Tools running as root would be able to do it just as they can now.) That way, debuggers would still be able to work fine -- since their developers could submit their binaries to Apple for signing -- but this patching garbage would stop.

-- Chris

--
Chris Hanson, bDistributed.com, Inc. | Email: email@hidden
Custom Application Development | Phone: +1-847-372-3955
http://bdistributed.com/ | Fax: +1-847-589-3738
http://bdistributed.com/Articles/ | Personal Email: email@hidden
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.

Follow-Ups:
- Re: Patching an application (long)
  - From: Jeff Disher <email@hidden>

References:
	>Re: Patching an application (long) (From: Buddy Kurz <email@hidden>)

Prev by Date: Re: HFSPromised, other file systems, and what is the deal ?
Next by Date: BDAlias 1.0.1
Previous by thread: Re: Patching an application (long)
Next by thread: Re: Patching an application (long)
Index(es):
- Date
- Thread