Home away from home 
Joined: 2006/11/20 16:26 Last Login
: 9/30 10:00
From Norway
Group:
Registered Users
|
@balaton
“How is that an issue on an OS without memory protection”
AmigaOS4 does have some memory protection, zero page is protected, unallocated memory is protected, primary function of AmigaOS4 memory protection, is to detect programming mistakes made by the developer, this what call (bugs), bugs are not hacks or exploits. so memory also swapped, out like video memory, or virtual memory. You can’t simply read or write any location, its likely to cause a DSI error.
“Since AmigaOS has no security at all anything can mess with anyting anyway.”
well it can be hard to find what your looking for, you don’t know where to look, man in the middle attacks, where have program intercepting communication, it most likely way to read or modify data.
Sense it’s the console that allocated the stack, you can assume that there is something in the stack, after the program is run, AmigaOS does clear the stack. so, you can’t sniff out old password, or text strings after a program was executed from the stack, I say that security feature.
“Even on Unix like systems you can probably preload dynamic objects and override library functions and it's not considered a problem for using openssl.”
I’m not familiar with UNIX security problems, but yeh… if you can change search path for dynamic link libraries, this can be issue.
|