[ros-dev] dealing with insecure-by-inattention Windows software

[Wesley Parish]

"insecure-by-inattention" - by that I mean software that must run as super-user
or otherwise (otherstupidly) it won't run at all.  ReactOS is not only intended
as a plug-in replacement for MS Windows, if I read this-and-that correctly, it's
also intended to "get it done right".  And so we can't have super-user as
default user, because that is Microsoft's thorn-in-the-flesh, and they can have
it.  I don't want it.

What I've been thinking is there is quite a bit of useful information and
knowledge being actively developed and used in the Unix/BSD/Linux field for
handling that sort of problem.  The BSD chroot jail is one such implementation -
there are even some aspects of the MS Windows directory structure that would
simplify the adaption of the chroot jail to the ReactOS.

[hardware]\Program Files\Abracadabra-Malware-Magnet\

"Abracadabra-Malware-Magnet" is a separate subdirectory within the Program Files
directory.  Chroot jail, if I remember correctly, requires a separate directory
for each chrooted program so it sees itself as the one-and-only love of its
kernel's uptime.  The MS Windows directory structure already has this separable
directory structure.

What needs to be done is to ensure that it thinks it's the only one around.

There would be some sizeable problems - ensuring that the dlls would be
sufficiently robust to avoid being hijacked, is just one, ensuring that it
couldn't make any changes to dlls outside its directory is a bigger one, but
that could be handled by making sure it installed all its (uniquely) needed dlls
in its chroot jail.  Which a lot of Win32 programs do anyway.

What do people think?

Wesley Parish

"Sharpened hands are happy hands.
"Brim the tinfall with mirthful bands" 
- A Deepness in the Sky, Vernor Vinge

"I me.  Shape middled me.  I would come out into hot!" 
I from the spicy that day was overcasked mockingly - it's a symbol of the 
other horizon. - emacs : meta x dissociated-press