Login
Username:

Password:

Remember me



Lost Password?

Register now!

Sections

Who's Online
80 user(s) are online (64 user(s) are browsing Forums)

Members: 1
Guests: 79

sailor, more...

Support us!

Headlines

 
  Register To Post  

« 1 (2)
Re: wget 1.25.0 for os4
Home away from home
Home away from home


See User information
@Futaura

That makes it harder, I agree, but I think its possible to workaround that.


Edited by LiveForIt on 2025/6/18 22:49:28
(NutsAboutAmiga)

Basilisk II for AmigaOS4
AmigaInputAnywhere
Excalibur
and other tools and apps.
Go to top
Re: wget 1.25.0 for os4
Quite a regular
Quite a regular


See User information
@LiveForIt
Quote:
Can easily hack into amigaOS4 library api. AmiSSL has a big back door. Statically linking makes it harder to be man in the middle.

How is that an issue on an OS without memory protection or user separation? Since AmigaOS has no security at all anything can mess with anyting anyway. Even on Unix like systems you can probably preload dynamic objects and override library functions and it's not considered a problem for using openssl.

Go to top
Re: wget 1.25.0 for os4
Just popping in
Just popping in


See User information
This version does not work with clib4 2.0 :/

Kind regards,

Go to top
Re: wget 1.25.0 for os4
Home away from home
Home away from home


See User information
@Petrol
Sadly with 2.0 there were 1 bug (in threads, Andrea aware, should be fixed soon) and 1 feature meaning changes in crtbegin code causes needs of recompile if you want to use clib4 2.x (that why there verdion bump). So for wget for time being use 1.6 one


Edited by kas1e on 2025/8/22 10:10:14
Join us to improve dopus5!
AmigaOS4 on youtube
Go to top
Re: wget 1.25.0 for os4
Home away from home
Home away from home


See User information
@balaton

“How is that an issue on an OS without memory protection”

AmigaOS4 does have some memory protection, zero page is protected, unallocated memory is protected, primary function of AmigaOS4 memory protection, is to detect programming mistakes made by the developer, this what call (bugs), bugs are not hacks or exploits.
so memory also swapped, out like video memory, or virtual memory. You can’t simply read or write any location, its likely to cause a DSI error.

“Since AmigaOS has no security at all anything can mess with anyting anyway.”

well it can be hard to find what your looking for, you don’t know where to look, man in the middle attacks, where have program intercepting communication, it most likely way to read or modify data.

Sense it’s the console that allocated the stack, you can assume that there is something in the stack, after the program is run, AmigaOS does clear the stack. so, you can’t sniff out old password, or text strings after a program was executed from the stack, I say that security feature.

“Even on Unix like systems you can probably preload dynamic objects and override library functions and it's not considered a problem for using openssl.”

I’m not familiar with UNIX security problems, but yeh… if you can change search path for dynamic link libraries, this can be issue.

(NutsAboutAmiga)

Basilisk II for AmigaOS4
AmigaInputAnywhere
Excalibur
and other tools and apps.
Go to top

  Register To Post
« 1 (2)

 




Currently Active Users Viewing This Thread: 1 ( 0 members and 1 Anonymous Users )




Powered by XOOPS 2.0 © 2001-2024 The XOOPS Project