Re: what's with the admin privilege business
- Subject: Re: what's with the admin privilege business
- From: David Penton <email@hidden>
- Date: Tue, 26 Jan 2010 20:44:12 -0500
On 2010-01-26, at 7:44 PM, Jens Alfke wrote:
On Jan 26, 2010, at 4:32 PM, David Penton wrote:
Why is it that a development tool should need to access resources other than "my own", i.e. memory, processes etc. belonging to the logged-in user?
Access to internals of other processes is considered sensitive, even if those processes belong to the same user, because it breaks the walls that keep processes from interfering with each other. So ordinarily your app can spray bits all over memory but that won't affect SystemUIServer or Finder; but by misusing debugger-type APIs, it can easily smash your other processes.
Maybe this is a newer level of paranoia, or maybe the Unix systems you were using before gave all user accounts permission to do things like this (since anyone using the machine must be a programmer, right?)
—Jens
Very instructive, thanks.
Your earlier example of snooping through Mail's address space is a good one. The need to set up walls between processes belonging to the same user seems obvious to me now. D'oh....
Actually, my experience from years ago is hardly relevant in our current age of malware. I was momentarily stuck in the thinking of a bygone era. Not that such problems did not arise back then, but rather that nobody in my shop worried about security. We were hardly networked to the outside world.
Best,
- Dave -
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)