Re: iphone OS userspace apps run as root

Author	All Replies
justin Australian join:1999-05-28 Brooklyn, NY Host: IPv6 Business Connectiv.. Home/Office setup .. Console/Handheld g.. Console Tech	reply to Epyon9283 Re: iphone OS userspace apps run as root said by Epyon9283 : Do any other operating systems on mobile phones have concepts of file and user permissions? well I don't know how you can have a smart phone without a filesystem, so thats files. As for permissions, since this phone is OSX it is commonly understood that the standard way for the OS to insulate itself from exploitable crashes by common applications is to have them run under their own permission level so that they have no simple way to modify OS files. Which is why a Mac running OSX needs the administrator password to be provided for patches and so on. Windows never defaulted to this setup out of the box which is why any windows program appears to be able to write DLLs to any system directory without requesting the administrator password, and probably 99% of the windows users out there run "with full administrative rights". So if the iphone has no higher level hypervisor built-in, that is watching and blocking key file changes within the OS & if it is true that everything on the iphone runs as uid 0, the iphone is less secure than any standard OSX Mac. If someone finds the right kind of crash in the browser, mail or SMS client then crafting the right web page, mail message or SMS message could install a program that looks for more iphones and we have the first widespread iphone virus. One would have thought they'd have designed the iphone to be MORE secure than a Mac, first because it is likely to keep the AT&T lock-in alive in the marketplace for longer, and to keep buggy and destabilizing 3rd party applications from being offered all over the net, and second because the iphone, portable as it is from wifi network to wifi network, is potentially more exposed to network risks than a standard home Mac sitting happily behind a secured nat router. I take my evil iphone into a large wifi cafe or airport hotspot and the probabilities are (or will be shortly) that there is another iphone user on 192.168.1.something ..
	to forum · permalink · · 2007-07-07 10:36:58 ·
Khaine join:2003-03-03 Australia	Well this is apple, the company whose products "just work". I mean look at appletalk, sure you didn't need to configure addresses for any computers in your network, but they were very chatty, and susceptible to many forms of attack.
Khaine join:2003-03-03 Australia	to forum · permalink · · 2007-07-11 08:34:43 ·


Tuesday, 10-Nov 04:59:04	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF