On 04/06/2017 02:56 AM, Alan Bateman wrote:
On 05/04/2017 17:55, David M. Lloyd wrote:
This is just plain weird from a security perspective, to say that
unrelated processes have more privilege to control the current process
than processes that are closely related.
Anyway this is yet another case where arbitrary artificial hurdles are
put in place for the purpose of human behavior modification. Such
hurdles can always be bypassed, generally resulting in even uglier
situations that the one you're trying to avoid. In this case I can
just fire a child process and then attach to it from the parent. Or
fire off two sibling processes and have one attach to the other.
Nothing is being saved here.
This thread/proposal is concerned with libraries using APIs intended for
tools to do brain surgery in the current VM.
I know, I'm giving examples of how such a library could circumvent this
restriction. Another example is to start a child process and a
grandchild process, and then have the child process exit.
Adding technical hurdles to send a social message is frankly pretty
lousy engineering. It never fails to backfire.
--
- DML
