6.2 Release seems to me to be completely insecure.
Similar bug as in phshutdown exists in phlocale.
Link your ~/.ph/.ABLANG to any file, and this file will be overwritten.
Ownership will be set to user, which is even more dangerous than in
phshutdown. You can edit /etc/passwd this way or any other system
critical file.
Next: permissions. Something awful is happening with executable file
permissions when using pkg-installer.
Directory ‘/boot’ and some subdirectories, in which all system files are
stored (ifs & qfs), are world-writeable.
Some executables from default installation are world-writeable, like
ALL Photon games, phrelay(phrelaycfg too!), ICA.
Almost all the stuff from the QNX 3rd-party CD installs world-writeable,
and makes ‘/usr’ world-writeable too. Why? I do not think it is a good
idea to extend package directory permissions on existing (system!)
directories. Some packages contain binaries with pretty weird uid:gid
set, like ssh, sigc++ and many others.
Some examples of packages, installing binaries world-writeable: emacs,
gdb, libraries, zsh and lots of others.
Just try to find them all with ‘find / -perm 0666’. (find / -perm 0777)
This is a critical security bug, and even Linux (which is the buggiest
unixish system over all) doesn’t have such bugs.
Maybe it is a good idea to embed some rules into
packager/pkg-installer to avoid such things? Let it accept default
uids and gids, and suitable for running multiuser system permissions.
Dmitry
P.S. I use my system at home, and I do not allow any user to access my
machine. But developers’ machines could be installed in huge corporate
LANs and such a weak-secured machine, as QNX in default install (who
cares about their security, anyway?), could be compromised and be a
‘tunnel’ for a malicious person. IMO, QNX should be secure OS, at least
not providing such things, like world-writeable binaries in default
installation.
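
An added example, not part of the original post: a small POSIX shell audit for the conditions described above (world-writable files, world-writable directories, and a linked `~/.ph/.ABLANG`). The function names are hypothetical; note that `-perm -0002` matches any mode that includes the other-write bit, whereas `-perm 0666` matches only files whose mode is exactly 0666.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not QNX tooling).

# Regular files writable by any user. Symlinks are not followed, so a link
# pointing at a world-writable file is not reported twice.
ww_files() {
    find "$1" -xdev -type f -perm -0002 -print 2>/dev/null
}

# World-writable directories without the sticky bit. Directories such as
# /tmp (mode 1777) are excluded because the sticky bit stops users from
# removing or renaming each other's files.
ww_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Print the path of .ph/.ABLANG under the given home directory if it is a
# symbolic link, i.e. if a program writing to it would write elsewhere.
linked_config() {
    if [ -L "$1/.ph/.ABLANG" ]; then
        echo "$1/.ph/.ABLANG"
    fi
}

# Full report for one tree, e.g. `audit /` after installing packages.
audit() {
    echo "World-writable files under $1:"
    ww_files "$1"
    echo "World-writable directories without sticky bit under $1:"
    ww_dirs "$1"
    echo "Linked .ph/.ABLANG for current user:"
    linked_config "${HOME:-/}"
}

# Run the report only when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    audit "$1"
fi
```

Running it before and after a package install and comparing the output shows which paths the installer changed.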