Re: Power Management et. al.

To: Ethan Benson <erbenson@alaska.net>, <debian-powerpc@lists.debian.org>
Subject: Re: Power Management et. al.
From: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Date: Thu, 19 Apr 2001 14:09:27 +0200
Message-id: <20010419120927.29516@mailhost.mipsys.com>
In-reply-to: <20010419022525.J6381@plato.local.lan>
References: <20010419022525.J6381@plato.local.lan>

>
>hehehe, well what got me thinking, is mol runs with root privileges
>full time.  and macos has no security whatsoever..  so does this mean
>that an errant MacOS app can screw with things on the linux side that
>would ordinarily be privileged?  i would guess not, but its fun to
>think about.  
>
>my main concern is the massive setuid root binary that mol is.  i
>think any debian package should offer to add a group and restrict
>permissions to the setuid mol bins. 

MOL emulates a virtual machine. So MacOS code cannot access anything
outside of this emulated environement. The only security risk I can
see is around the fake "drivers" used to communicate between MOL and
MacOS. I don't know if they are fully safe against things like buffer
overflow attacks or such. Also, make sure not to export to MacOS
disk partitions with critical informations ;)

Ben.

Reply to:

Follow-Ups:
- Re: Power Management et. al.
  - From: Ethan Benson <erbenson@alaska.net>

References:
- Re: Power Management et. al.
  - From: Ethan Benson <erbenson@alaska.net>

Prev by Date: dhclient
Next by Date: Re: dhclient
Previous by thread: Re: Power Management et. al.
Next by thread: Re: Power Management et. al.
Index(es):
- Date
- Thread