Re: Passing pointers as UIDs | kernel<->userspace communication
Re: Passing pointers as UIDs | kernel<->userspace communication
- Subject: Re: Passing pointers as UIDs | kernel<->userspace communication
- From: Michael Smith <email@hidden>
- Date: Wed, 19 Sep 2012 13:50:58 -0700
On Sep 18, 2012, at 2:48 PM, comex wrote:
There are a variety of possible threat models here, with varying
levels of attacker interest/experience (imagine if your app was known
to be installed on some political target's computer); but more
importantly, it's not like this is a fundamental tradeoff between
security and performance. It's not hard to implement a hash table or
just an array, as I said, and have the cost of looking the structure
up be almost negligible compared to, say, the system call overhead, so
you should do so and avoid the entire security can of worms.
It's not necessary to implement a new datastructure at all.
One of the canonical ways to handle this is to vend a unique handle (a simple incrementing counter is often sufficient), and then use an OSDictionary to maintain the binding between the handle and whatever OSObject you're using to hold your data.
= Mike
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden