Rutgers University writes malware for Freerunner
Al Johnson
openmoko at mazikeen.demon.co.uk
Tue Feb 23 13:25:08 CET 2010
On Tuesday 23 February 2010, Timo Juhani Lindfors wrote:
> Rui Miguel Silva Seabra <rms at 1407.org> writes:
> > Everything should be run as the user. Using dbus should be enough for
> > getting the priviledged stuff done at FSO level.
>
> Note that running as a normal user might not limit your privileges
> that much on openmoko:
>
> #2321 any user can run wmiconfig -i eth0 --power maxperf
> http://docs.openmoko.org/trac/ticket//2321
It does make it harder to install a rootkit though, and without a rootkit the
actions and the malware remain detectable.
It has been noted before that most of the things we care about on a phone are
things the user has to have access to. What we want is a permission system
that limits access to resources by application, not just by user.
More information about the community
mailing list