wiki:FutureHaiku/Security

Version 2 (modified by waddlesplash, 10 months ago)

Low-Hanging Fruit

  • Audit all syscalls & ioctls (_control) for privilege checks.
    • _area functions probably need a lot of thinking here
  • Run the userland as a non-privileged user
  • Don't allow opening files by inode (requires ABI break)
  • Fuzz all in-tree parsers
    • driver settings format
    • message
    • rdef

Moderate

  • W^X

Advanced