Hi project,
Following the two previous threads, I am posting here a draft patch
implementing my proposal.
So, to begin with I will remind you the principle :
All function callable from outside wine, should be added sanity checks :
if safe_mode_on and (sanity_check1_failed or
On Sun, Feb 01, 2009 at 09:11:29AM +0100, Guillaume SH wrote:
I tested the two modes with the help of wine test suite, restricted to
kernel/file.c, test_overlapped and I considered only :
all must-be-successful tests
GetOverlappedResult(0, NULL, result, FALSE);
-- Forwarded message --
From: Guillaume SH gsh.debianli...@gmail.com
Date: 2009/2/1
Subject: Re: A basic implementation for increased security in wine proposal
To: Marcus Meissner mar...@jet.franken.de
Hi Marcus,
I stand corrected, as it appears I was way too naive in my
On Sun, Feb 01, 2009 at 10:41:25AM +0100, Guillaume SH wrote:
Imagine an ill-intentioned people, call it the attackers. By the mean of
simply creating the following C application (based on classical Hello
word) :
#include needed header
int main (int argc, char * argv[])
{
/* printf (
On Sun, Feb 01, 2009 at 01:23:49PM +0100, Guillaume SH wrote:
Basically, yes I don't know what the exploit is (there's no magic in there :
possibility for an exploit is enough to justify action).
So without the magic, there's no demonstrated possibility for an
exploit, so the justification goes
2009/2/1 Marcus Meissner mar...@jet.franken.de:
On Sun, Feb 01, 2009 at 10:41:25AM +0100, Guillaume SH wrote:
Running this application on wine, I get to have my crash, with the
possibility of an exploit. So all I have to do know is to find a vector to
make you and some other people willing to
Paul,
Basically, yes I don't know what the exploit is (there's no magic in there :
possibility for an exploit is enough to justify action). But I don't ask for
an API breakage, I propose wine to support two modes : one with API misuse
checks and one strictly the same behaviour as Windows.
This
Hi Paul,
You asked me to actually describe the security I am concerned about, so I am
going for it :
Imagine an ill-intentioned people, call it the attackers. By the mean of
simply creating the following C application (based on classical Hello
word) :
#include needed header
int main (int
On Sun, Feb 01, 2009 at 10:41:25AM +0100, Guillaume SH wrote:
Hi Paul,
You asked me to actually describe the security I am concerned about, so I am
going for it :
Imagine an ill-intentioned people, call it the attackers. By the mean of
simply creating the following C application (based on
I stand corrected, as it appears I was way too naive in my understanding of
software security, hence the example I provided.
IMHO the whole discussion is moot.
Any Windows app can easilly bypass *any* security measure in Wine by calling
int 0x80, and there's nothing we can do against that
10 matches
Mail list logo