You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@nuttx.apache.org by GitBox <gi...@apache.org> on 2021/04/05 16:55:33 UTC

[GitHub] [incubator-nuttx] v01d opened a new issue #3358: USER MODE TASKS CAN MODIFY PRIVILEGED TASKS

v01d opened a new issue #3358:
URL: https://github.com/apache/incubator-nuttx/issues/3358


   ```
     Description: Certain interfaces, such as sched_setparam(),
                  sched_setscheduler(), etc. can be used by user mode tasks to
                  modify the behavior of privileged kernel threads.
                  For a truly secure system.  Privileges need to be checked in
                  every interface that permits one thread to modify the
                  properties of another thread.
   
                  NOTE:  It would be a simple matter to simply disable user
                  threads from modifying privileged threads.  However, you
                  might also want to be able to modify privileged threads from
                  user tasks with certain permissions.  Permissions is a much
                  more complex issue.
   
                  task_delete(), for example, is not permitted to kill a kernel
                  thread.  But should not a privileged user task be able to do
                  so?
     Status:      Open
     Priority:    Low for most embedded systems but would be a critical need if
                  NuttX were used in a secure system.
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org