• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Rosetta and Code Injection
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Rosetta and Code Injection

  • Subject: Re: Rosetta and Code Injection
  • From: Bob Murphy <email@hidden>
  • Date: Wed, 23 Apr 2008 20:59:25 -0700
So how does one distinguish the Rosetta process from the PPC surrogate? 

You don't.

Let me put this pretty bluntly... how would you like to be the poor engineer catching bug reports because Joe Blows thread that he ran in your address space happened to overwrite something critical because Joe Blow made a mistake in his code? How much worse would this be if someone were giving out cookbooks to people who otherwise were beginning coders?

I know how hazardous this is. Even worse than causing crashes, it could be a security hole a mile wide.

Frankly, I wasn't expecting to get answers from Apple engineers, or much of any real discussion on the list. I just posted here because I thought maybe some third party developers who knew about code injection might hang out on this list, and email me privately.

Shipping commercial and open-source apps have been using code injection and the underlying kernel routines for years. I'm just trying to fix one of those apps so it works with Rosetta. If there were another, safer way to accomplish this, I'd happily use it.

However...
1. Apple has a security model that prevents arbitrary apps from doing code injection. So it's safer than it could be, and the user gets some warning when they have to type in a supervisor password to get the app to work.
2. As a professional Mac developer since 1985, I've been that "poor engineer catching bug reports" many, many times. The last thing I want to do is write buggy injection code that causes any poor engineer grief - whether it's myself or someone else.
3. The app I'm working on is well-established, and its users are quick to report any crashes or odd behaviors.

Now ask yourself again why this is unsupported...

Oh, I already knew! :-) I sit on your side of the fence in my other life, working on a Linux-based cell phone platform. So I get to tell people why they can't do things like render directly to the hardware frame buffer (the X server owns it exclusively), no matter how important the frame rate in their game is.

- Bob

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Rosetta and Code Injection (From: Bob Murphy <email@hidden>)


 >Re: Rosetta and Code Injection (From: Shantonu Sen <email@hidden>)


 >Re: Rosetta and Code Injection (From: Bob Murphy <email@hidden>)


 >Re: Rosetta and Code Injection (From: Terry Lambert <email@hidden>)


 >Re: Rosetta and Code Injection (From: Bob Murphy <email@hidden>)


 >Re: Rosetta and Code Injection (From: Terry Lambert <email@hidden>)






    

  • Prev by Date:
Re: Rosetta and Code Injection

    • 

  • Next by Date:
Re: Rosetta and Code Injection

    • 

  • Previous by thread:
Re: Rosetta and Code Injection

    • 

  • Next by thread:
Re: Rosetta and Code Injection

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •