On Wed, Nov 24, 2010 at 09:03:24PM +0000, Chris Young wrote:

> wapcaplet.library
> 
> There is a security flaw in this library due to the implementation
> and its translation to a system global context.  All users of this
> library get the same context and thus, the same linked-list set of
> strings.  This has the advantage of greater efficiency, and is
> necessary so both (eg) css.library and NetSurf can share strings.  Any
> sensitive data stored in lwc_strings can easily be extracted by a
> malicious user of the library.  The nature of wapcaplet.library does
> not lend itself to storage of personal information, so it is not
> expected that any application will intentionally do this.  As
> wapcaplet.library could easily be patched to intercept strings as they
> are being set, and - in a system without memory protection - any
> application can read strings from memory regardless, this additional
> problem is deemed insignificant.  The warning "do not use
> wapcaplet.library for sensitive data" should be heeded (instead link
> libwapcaplet.a, or better yet use something more appropriate).  This
> will be revisited if it is deemed a significant risk.

I may be missing something, but how is this an issue at all?  Do all
AmigaOS processes share the same context pointer or similar?

On other OSes, each process gets its own "copy" of the library, and
other processes can't reach the data a process has stored.  If this
isn't true, the security issue is with the OS, not libwapcaplet.

B.
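
The distinction both messages turn on, one system-global string list versus one list per library user, as an added example that is not from this thread or from libwapcaplet. The toy interner and every name in it are hypothetical, and the stored string is constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Toy interner with hypothetical names; this is not libwapcaplet's API. */
typedef struct node { struct node *next; char *str; } node;
typedef struct { node *head; } intern_ctx;
static intern_ctx global_ctx; /* one list shared by every user of the library */

/* Walk the list, as any holder of ctx can, looking for s. */
static node *find(const intern_ctx *ctx, const char *s)
{
    for (node *n = ctx->head; n != NULL; n = n->next)
        if (strcmp(n->str, s) == 0)
            return n;
    return NULL;
}

/* Return the interned copy of s in ctx, adding it if absent (NULL on OOM). */
static const char *intern(intern_ctx *ctx, const char *s)
{
    node *n = find(ctx, s);
    if (n != NULL) return n->str;
    if ((n = malloc(sizeof *n)) == NULL) return NULL;
    if ((n->str = malloc(strlen(s) + 1)) == NULL) { free(n); return NULL; }
    strcpy(n->str, s);
    n->next = ctx->head;
    ctx->head = n;
    return n->str;
}

static void ctx_free(intern_ctx *ctx)
{
    while (ctx->head) { node *n = ctx->head; ctx->head = n->next; free(n->str); free(n); }
}

/* User A interns a constructed secret in a; can user B, holding b, reach it? */
int b_can_reach_a(intern_ctx *a, intern_ctx *b)
{
    intern(a, "constructed-secret");
    intern(b, "color");
    int seen = find(b, "constructed-secret") != NULL;
    ctx_free(a);
    ctx_free(b); /* no-op when a and b are the same context */
    return seen;
}

/* Shared global context (the shared-library case) vs. one context per user. */
int shared_case(void)  { return b_can_reach_a(&global_ctx, &global_ctx); }
int private_case(void) { intern_ctx a = {0}, b = {0}; return b_can_reach_a(&a, &b); }
int main(void) { return !(shared_case() == 1 && private_case() == 0); }
```

The isolation in `private_case` comes only from the two users holding different list heads; on a system without memory protection, as the quoted text notes, any application can still read the strings from memory.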
