[DGD] Kernel Lib Wiztool/Auto security
Raymond Jennings
shentino at gmail.com
Fri Jul 19 05:52:53 CEST 2013
The wiztool does the checks on behalf of the owner of the wiztool and not
the creator of the object.
This is useful if you have a wiztool created by System, but owned by the
wizard in question.
On Thu, Jul 18, 2013 at 3:53 PM, Gary Preston <gary at mups.co.uk> wrote:
> I've been reading through the kernel library source to get a better
> understanding of the security measures it takes and why (that and the
> various docs on the phantasmal site). Whilst doing so, I noticed that the
> kernel/lib/wiztool has numerous functions which appear to partially
> duplicate the auto object security checks.
>
> For example, wiztool clone_object checks path for /kernel/ or read access
> before invoking the parent class clone_object function on the auto object
> which repeats those checks plus a number of additional checks.
>
> Is there ever a case when the wiztool object would not inherit from the
> auto object? Or is there another reason behind the wiztool duplicating some
> of the security checks that the auto object will perform anyway?
>
> Cheers,
>
> Gary
>
>
> ____________________________________________
> https://mail.dworkin.nl/mailman/listinfo/dgd
>
More information about the DGD
mailing list