>> processes running as the same UID. If somebody pops Firefox, your SSH >> keys, email, documents, et c. are all at risk. > > Arguably that is a security flaw, not a design/interface flaw.
I don't know what distinction you're trying to draw there. OS X, Firefox, SSH, et c. are working as intended. The Unix/NT security model is: UIDs are protected from each other, but not from themselves or from root. The design is outdated and no longer sufficient, but it made a bit more sense when it was invented. Android uses the old mechanism in a new way, to be relevant in a world of code from many sources. The kernels may, and do, have implementation flaws that allow malicious programs to break that guarantee. That's a serious problem --- for all platforms. -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
