> Thanks (and to Jim Paris).
>
> I of course did not mean that it was OK for the client to have code
> injection "portholes". I just meant that the particular exploit path
> that was described wasn't very interesting since someone who maliciously
> controls t
Hi,
Google Android applications on the T-Mobile G1 can spawn a telnetd
that gives remote root access to your phone:
http://www.android-unleashed.com/2008/11/howto-get-root-on-your-android-g1-and.html
This particular method needs user interaction, but a rogue Android app
could easily run telnetd
I wrote:
> Google Android applications on the T-Mobile G1 can spawn a telnetd
> that gives remote root access to your phone:
>
> http://www.android-unleashed.com/2008/11/howto-get-root-on-your-android-g1-and.html
>
> This particular method needs user interaction, but a rogue Android app
> could e
> > 0700 mode from the origin, you would be right, and procfs wouldn't allow
> > opening files in that directory too, but if you let others to traverse
> > that directory and open your believed to be secure files from the origin,
> > it's your fault.
>
> I can do the example with fd passing and
Marco Verschuur wrote:
> Your assumption that the same file descriptor is being re-opened is
> wrong! The file descriptor retrieved via /proc is a new one. It is
> not the same as the initial read-only.
Yes, I totally agree.
> Therefor it's totally of no influence what you do with the original
