PDA

View Full Version : Unintended Access Problem?


natethebobo
04-23-2004, 02:59 AM
When I run netTunes, the iTunes window includes my dock, allowing me to run any program in the dock... including (in my case) terminal. Looking at the process viewer, any apps launched are run by the current user. This is a potentially serious security issue.


Running 10.3.3 on both a G5 (the server) and G3 Lombard.

dnanian
04-23-2004, 07:31 AM
Nate --

netTunes remotes the extent of the iTunes window. If the window includes other windows that are forced "on top" of it, those windows can be interacted with. There's really not a lot we can do about it -- except maybe requiring a password to access netTunes.

However, there is something you can do. If you move the window so that it's above the dock area, you won't get the dock along with the window, and you won't be able to run anything from it as easily.

If you want a larger iTunes window, you can also set the dock to hide.

Does that help?

natethebobo
04-26-2004, 10:28 PM
Dave --

I figured the layering windows effect out, I was just wondering if there might be some way of interacting with the window server on a per-app basis, perhaps the same way that exposť tags them. It was just a trifle startling to note the mini-dock effect.

Anyway, thanks for the response.

dnanian
05-01-2004, 06:19 PM
Sorry it took me so long to respond: for some reason, my board didn't tell me about the post! I'm a bit worried there's something wrong there...

Anyway, no -- there's no documented way to get at the back buffer, so I'm unable to truly "isolate" the window, and interaction with it. I'm still trying to discover a method, though...