Le 2020-05-13 20:31, Peter Howkins a écrit :
For the very same reason a webpage running javascript can't execute
shell commands or host API calls on your host OS.
Not the same. A web browser is a door opened to the outside. Local
applications can do bad things, but inside the limits of the the rights
and ACL you give to them.
Can you explain your use case here, what are you actually trying to
achieve?
- Universal print bridge from one only RISC OS PS driver
- USB auto-mounting in new hostfs drives
- SANE interface in a module
- Local screen definition for dynamic screen resize
- x86 (sandboxed) code (for speed)
- Launch selected local applications (MP3 playing, etc.)
- Local engines (for example x86 V8 mapped as a module, or BBCBasic x86
as a module)
- Redirection of Qemu's Spice output in RISC OS Windows
- SQL bridge
Etc.
It is entirely possible to provide access to host services in a secure
manner, if they have a defined scope.
Of course. I don't ask for some privilege escalation nightmare.
Security can be:
- ACL and strict rights
- confirmation box on the host
- send commands only to a VM, not a host
- predefine the commands you can launch on the host
- IPC with selected / specific x86 apps
If we can extend RPCEmu that way, you won't have to do it yourself. Else
you can plan it too. It'll be even better :)
David
_______________________________________________
RPCEmu mailing list
[email protected]
http://www.riscos.info/cgi-bin/mailman/listinfo/rpcemu
