R: [gst-devel] Create a secure level

[Thomas Vander Stichele]

Hi Domenico,

> Ok, I would like to go deeper in the short answer. What do you think about a security check on:
> 
> 1) player
> 2) Gstreamer
> 3) X Windows
> 
> in the player there is a parity check on Gstreamer and X Windows, in GStreamer API's there is a parity check on the player and X Windows (and I could say: in X Windows there is a parity check on Gstreamer and the player).
> So that when you try to exploit the player it doesn't work because Gstreamer's parity check fails, when you try to exploit Gstreamer it doesn't work because the parity check of the player fails. The only way to solve the trick is to patch Gstreamer and the player together: it should be complex because you don't know if you failed in Gstreamer or in the player. If you do this for XWindows too, it should be quite impossible.

You'll have to be clearer to have a sensible discussion.  What is this
parity check ? How does it work ? How is it technically implemented ?

If you're trying to come up with a foolproof unhackable system, I think
most people on this list will tell you that it's not possible.

So all we're left with is discussing practical difficulty.  To discuss
that you need to explain properly what it is you're asking :) And as
soon as you do I'm sure people can offer suggestions on how to break it.

So I would assume that what you would want is to get a feeling for how
difficult it is to break whatever system you are currently thinking of,
so you need to explain it some more.

Thomas



Dave/Dina : future TV today ! - http://www.davedina.org/
<-*- thomas (dot) apestaart (dot) org -*->
I've got ladyfingers baby
I've got kidgloves
baby I got heart
<-*- thomas (at) apestaart (dot) org -*->
URGent, best radio on the net - 24/7 ! - http://urgent.fm/