On Sun, May 24, 2009 at 7:57 PM, Greg Guerin <glgue...@amug.org> wrote:
> Michael Ash wrote:
>
>> Malevolent process C fails.
>
> Or maybe malevolent process C works because it's running with the same uid
> as unprivileged process A. The sticky-bit on a directory only prevents one
> uid from interfering with another uid's files. It has no effect if the uids
> of the processes are the same.

To put it bluntly: so what? The UNIX security model fundamentally works at the user level, not the process level. There is essentially nothing in place to protect one process from attack by another. If the adversary is able to run code under your user, then you have already lost. He must be stopped before he gets that far. Trying to protect your application from attack by another application running under the same user is pointless.

Mike
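
The sticky-bit rule discussed in this exchange, as an added example that is not part of the original thread: a small model of the ownership check plus a live check that a file in a sticky, world-writable directory can be removed by another process running under the same uid. The function names, the scratch path under /tmp and the sample uids are assumptions made for the illustration.

```c
#define _XOPEN_SOURCE 700
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Sticky-directory rule only. Assumes the caller already has write and
 * search permission on the directory, as everyone does on a 1777 directory.
 * (Hypothetical helper, written for this example.) */
bool sticky_allows_unlink(mode_t dir_mode, uid_t dir_uid, uid_t file_uid, uid_t caller)
{
    if (!(dir_mode & S_ISVTX))
        return true;              /* no sticky bit: directory write access suffices */
    if (caller == 0)
        return true;              /* the superuser is exempt */
    return caller == file_uid || caller == dir_uid;
}

/* Live check under the current uid: "process A" creates a file in a sticky,
 * world-writable directory; "process C", same uid, removes it.
 * Returns 1 if unlink succeeded, 0 if it was refused, -1 on setup failure. */
int same_uid_unlink(void)
{
    char dir[] = "/tmp/sticky-demo.XXXXXX";   /* constructed scratch path */
    char path[64];
    int result = -1;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(path, sizeof path, "%s/owned-by-A", dir);
    FILE *f = fopen(path, "w");
    if (f != NULL) {
        fclose(f);
        if (chmod(dir, 01777) == 0)
            result = (unlink(path) == 0) ? 1 : 0;
        else
            unlink(path);
    }
    rmdir(dir);
    return result;
}

int main(void)
{
    uid_t me = getuid(), other = me + 1;      /* "other" is a constructed uid */
    printf("model, same uid:  %d\n", sticky_allows_unlink(01777, 0, me, me));
    printf("model, other uid: %d\n", sticky_allows_unlink(01777, 0, me, other));
    printf("live,  same uid:  %d\n", same_uid_unlink());
    return 0;
}
```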