#defines for the Command strings

Bryan Kadzban bryan at kadzban.is-a-geek.net
Fri Sep 1 18:39:48 EDT 2006


George S. Lockwood wrote:
> anyway, for my purposes, the supplicant/ service must be used by my
> wpa_cli adapted app and not by any other means.  Maybe I don't need
> to be concerned, maybe we should be.

As Raymond Chen has said before[1], "Applications and DLLs don't have
privileges; users do."  Excerpt:

> But when you are running an application, the application is you. If 
> you can do it, then an application can do it because the application 
> is you.

You *cannot* enforce a requirement for only a fixed magical program to
be able to change certain settings.  No operating system assigns
privileges to programs, they all assign privileges to users.  (And this
is the correct solution, also: in normal operation, it's completely
impossible to tell which program or library called you.  You can't trust
the return address.)  If the user operating the computer has permission
to make a change using your program, then that user has permission to
make the change using any other program as well.

[1] http://blogs.msdn.com/oldnewthing/archive/2006/08/18/705957.aspx
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20060901/1bc84686/attachment.pgp 


More information about the HostAP mailing list