blob: c7b80773ec2fb45c0e79b48b6819fdd53850b3f4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
Service loading in pure SLUL
============================
A service loader is something that loads a module that implements a specific
service, constructs the service (with any `giveme`s) and calls one or more
`entry` functions.
It would be nice if it was possible to implement service "loaders" in pure
SLUL.
The RTL code load the module using `mmap` and process it.
Security considerations
-----------------------
This is only safe to do if SLUL code can be prevented from writing
files where the service impl modules are located. Otherwise, one could just
write to a file and then load the same file (with native code!).
This is not trivial to enforce, because:
* Some OS'es don't really separate mutable files (e.g. data) from
immutable files (e.g. code).
* Most OS'es have some kind of links: symlinks, hardlinks, reflinks,
directory junctions, etc.
* OS:es handle all this differently.
Even if all services are loaded before the application code gets
called, it is still possible to bypass this when the application is
started the next time (or by calling another application).
|
