Re: Sample code for a Finder hack - "haxies"
Re: Sample code for a Finder hack - "haxies"
- Subject: Re: Sample code for a Finder hack - "haxies"
- From: "Alastair J.Houghton" <email@hidden>
- Date: Thu, 30 Oct 2003 11:58:00 +0000
On Thursday, October 30, 2003, at 11:13 am, Oliver Donald wrote:
This paragraph from "Dynamic overriding in OS X" got my attention:
'Mach offers the ability for one process to allocate memory in another
process's address space via the vm_allocate() call. You can populate
to this
"remote" memory block using vm_write(). Finally,
thread_create_running()
allows you to create a new thread in another process.'
Do those functions not present a pretty serious security risk? Are
there any
rules regarding what process' can be patched?
I'm no expert on Mach, but it's almost certainly controlled by whether
you have rights on a Mach port, the same as many other things in Mach.
It seems a bit dodgy that any
old application can mark another app's address space writeable and then
splat data into it. Is this ok?
Fine, as long as it has the rights to do so and as long as the security
mechanisms are effective.
Kind regards,
Alastair.
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.