[mojosetup] Plans for adding system menu entries
Ryan C. Gordon
icculus at icculus.org
Thu Dec 6 05:34:05 EST 2007
> That's really retarded. Why use a nice scripting language if you
> don't use it for sandboxing to prevent people from doing arbitrary
> stupid things in their installer? Sure it's with best intentions but

The goal of the scripting language wasn't sandboxing, it was ease of
development and minimizing risk from the usual C bugs: buffer overflows,
memory management, etc.

You can't really sandbox something that starts with a main() that you
control in a binary you convince a user to download, flag as
executable, and then run.

Checking the homedir in a script is risky, though, to be sure...at least
on Mac OS X, for example, there is no /root ... it's in
/private/var/root instead.

We should at least expose the uid/euid, since what we seem to care about
here is "is this user root or not?" ... but of course the real solution
is to move this specific functionality into MojoSetup.

--ryan.
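
The difference between the home-directory check and the uid/euid check discussed in the message above, as an added example that is not part of the original email and not MojoSetup code. The function names and sample rows are hypothetical and constructed for illustration; the third row assumes an unprivileged user whose HOME environment variable is set to /root.

```c
/* Added example; names are hypothetical, not MojoSetup's API. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Fragile heuristic: treat the user as root if the home directory is /root. */
static int home_says_root(const char *home)
{
    return home != NULL && strcmp(home, "/root") == 0;
}

/* Direct check: root is effective uid 0, wherever its home directory lives. */
static int euid_says_root(uid_t euid)
{
    return euid == 0;
}

struct sample { const char *label; const char *home; uid_t euid; };

/* Constructed cases, not captured from real systems. */
static const struct sample samples[] = {
    { "Linux root",           "/root",             0    },
    { "Mac OS X root",        "/private/var/root", 0    },
    { "user with HOME=/root", "/root",             1000 },
};
static const size_t nsamples = sizeof samples / sizeof samples[0];

/* Count the samples where the heuristic disagrees with the euid check. */
static int count_mismatches(void)
{
    int n = 0;
    for (size_t i = 0; i < nsamples; i++)
        if (home_says_root(samples[i].home) != euid_says_root(samples[i].euid))
            n++;
    return n;
}

int main(void)
{
    for (size_t i = 0; i < nsamples; i++)
        printf("%-22s home-check=%d euid-check=%d\n", samples[i].label,
               home_says_root(samples[i].home), euid_says_root(samples[i].euid));
    const char *home = getenv("HOME");   /* may be unset */
    printf("this process: uid=%ld euid=%ld HOME=%s\n", (long)getuid(),
           (long)geteuid(), home ? home : "(unset)");
    return 0;
}
```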