Re: Kernel extensions and code injection?
Re: Kernel extensions and code injection?
- Subject: Re: Kernel extensions and code injection?
- From: Michael Cashwell <email@hidden>
- Date: Thu, 17 Feb 2005 17:36:17 -0500
On Feb 16, 2005, at 11:06 PM, email@hidden wrote:
I've been working on a kernel extension that adds functionality to the
IOHIDSystem class. Specifically, I want to be able to intercept mouse
and
keyboard events, manipulate specific events, and then pass them along.
The
point of doing this in a kernel extension is so that I can do this
before the
events arrive at the target application. (Incidentally, if there is a
way to do
this without writing a kernel extension, perhaps at the point where
the window
server receives the events, please do tell! AFAIK, though, there
isn't.)
I don't have a solution or even any real data for TOP, but I would like
to inject a comment into the discussion.
I certainly hope that if there is a way to do this _without_ installing
a kernel extension that it operates in a secure manner. I should have
to authenticate as an admin on the system to get such a thing installed
even when running under and admin account. Otherwise this would be an
obvious path to bring all manner of spyware to the platform.
My $0.02.
-Mike
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden