[REBOL] Re: Security hole ? (was: image memory representation)
From: arolls:bigpond:au at: 23-Aug-2001 23:07
> > Supposing an evil program made a very large
> > image this way, but only initialized a tiny
> > bit as seen already. Then it could scan
> > lots of rebol memory, and if it was smart,
> > might be able to get a username and password,
> > if the user had set these previously.
> interesting thoughts :-)
> > I wonder about the memory situation with
> > launched programs. Running launched programs
> > using the Desktop is the most likely way
> > for the user to run something without
> > looking at the code.
> Yes, but you live in a sandbox, don't you? So, if any app tries
> to read, write
> outside your sandbox, rebol asks you for permission - it is up to
> you then ...
What I meant was... envisage this situation:
- First, start rebol in console,
- access your ftp site, storing user and pass in a couple of strings.
- run desktop
- launch and run an "evil" program
Is rebol memory pool the same for the launched program as in
the console at the first point?
If so, then it's possible that the evil program can send away user
and password. Then evil programmer can freely access the ftp
This way does not rely on read/write access, because it reads
an image it has allocated "properly".
Anyway, I can see this bug being fixed pretty soon.