[hatari-devel] Compiler warnings / system call

Eero Tamminen eerot at users.berlios.de
Mon Mar 1 22:58:01 CET 2010


Hi,

On Sunday 28 February 2010, Eero Tamminen wrote:
> Anything running as suid root should do whatever requires root priviledge
> in the beginning and drop root priviledges immediately after that.  If
> somebody makes Hatari suid root without doing do that, that's plain
> stupid[1].

And of course unless one's running suid-root Hatari under suitable security 
framework and security policy which restricts what Hatari can do, Hatari's
users could use Hatari to overwrite system files with their own contents 
(using e.g. --printer option)...
 

> Debugger is accessible also through Hatari command socket, if user
> enables socket (done automatically by Hatari UI), and through XBios 255
> from the emulation environment, if one enables that.  But the socket
> should be accessible only by that user and --bios-intercept is not on by
> default.

Btw. I'm not sure people on the list appreciate how flexible Hatari is
nowadays.

One can use the control socket not just to change Hatari settings, but do
anything one can do from the debugger and to simulate user events.

With --bios-intercept, one can make an automated Atari test/demo program
that changes what Atari model Hatari emulates and tests itself whether it
can run properly under different Atari models, amount of memory etc...


> > So I vote for removing this debugger commando again
> > - or is it really required badly?
>
> Laurent asked for "ls" in Debugger.  System() was only reasonable way to
> implement that (implementing "ls" within Hatari would need too much code
> for such a fringe feature).
>
> "exec" may also be convenient if one wants to do everything within
> the Hatari debugger instead of using both a separate terminal and Hatari
> console window (think about users who open Hatari + debugger window from
> a link on desktop).

"exec" allows the --bios-intercept thing to go even further.  Atari program
could even re-compile itself by "exec"ing a script that runs host's
cross-compiler...

(Maybe I should add Hatari Manual section on "Crazy things you can do with 
Hatari"...)


	- Eero



More information about the hatari-devel mailing list