> For the very same reason a webpage running javascript can't execute
> shell commands or host API calls on your host OS.
>
Not the same. A web browser is a door opened to the outside. Local
applications can do bad things, but inside the limits of the the rights
and ACL you give to them.
> Can you explain your use case here, what are you actually trying to
> achieve?
>
- Universal print bridge from one only RISC OS PS driver
- USB auto-mounting in new hostfs drives
- SANE interface in a module
- Local screen definition for dynamic screen resize
- x86 (sandboxed) code (for speed)
- Launch selected local applications (MP3 playing, etc.)
- Local engines (for example x86 V8 mapped as a module, or BBCBasic x86
as a module)
- Redirection of Qemu's Spice output in RISC OS Windows
- SQL bridge
Etc.
> It is entirely possible to provide access to host services in a secure
> manner, if they have a defined scope.
>
Of course. I don't ask for some privilege escalation nightmare.
Security can be:
- ACL and strict rights
- confirmation box on the host
- send commands only to a VM, not a host
- predefine the commands you can launch on the host
- IPC with selected / specific x86 apps
If we can extend RPCEmu that way, you won't have to do it yourself. Else
you can plan it too. It'll be even better :)
David
_______________________________________________
RPCEmu mailing list
RPCEmu@riscos.info
http://www.riscos.info/cgi-bin/mailman/listinfo/rpcemu
No comments:
Post a Comment