"m. allan noah" <[email protected]> writes: > On 2/8/07, Olaf Meeuwissen <[email protected]> wrote: >> "simon.zheng" <[email protected]> writes: >> >> > I'm a new commer for SANE & XSane. Here are some >> > security questions when studying API sane_control_option(). >> > I would appreciate if anyone can give help. >> > >> > Is there any possibility sane_control_option() allows >> > you to get or set any control that would allow one >> > user to affect another user. For example: >> >> sane_control_option() is there so that frontends can tell the backends >> what the user wants to do. It's a very abstract interface and exactly >> what options are available is left to the discretion of each backend. >> >> So any security implications are not a result of sane_control_option() >> but of the set of options a particular backend chooses to provide. > > and perhaps just as important- this consideration changes based on the > lifetime > of the running application. since an individual sane backend exits at the same > time as the frontend (it is not a daemon), two users using even the same > frontend on the host will not share memory. this changes of course if you > write > a frontend that is long running, like saned...
A frontend could be used to change a hardware setting. Such settings may remain in effect even after the frontend terminates. If that is the case then the scenarios Simon originally mentioned become very real. Hope this helps, -- Olaf Meeuwissen EPSON AVASYS Corporation, SE1 FSF Associate Member #1962 sign up at http://member.fsf.org/ GnuPG key: 6BE37D90/AB6B 0D1F 99E7 1BF5 EB97 976A 16C7 F27D 6BE3 7D90 Penguin's lib! -- I hack, therefore I am -- LPIC-2
