Rutgers University writes malware for Freerunner

Al Johnson openmoko at mazikeen.demon.co.uk
Tue Feb 23 13:25:08 CET 2010


On Tuesday 23 February 2010, Timo Juhani Lindfors wrote:
> Rui Miguel Silva Seabra <rms at 1407.org> writes:
> > Everything should be run as the user. Using dbus should be enough for
> > getting the priviledged stuff done at FSO level.
> 
> Note that running as a normal user might not limit your privileges
> that much on openmoko:
> 
> #2321 any user can run wmiconfig -i eth0 --power maxperf
> http://docs.openmoko.org/trac/ticket//2321

It does make it harder to install a rootkit though, and without a rootkit the 
actions and the malware remain detectable.

It has been noted before that most of the things we care about on a phone are 
things the user has to have access to. What we want is a permission system 
that limits access to resources by application, not just by user.




More information about the community mailing list