flshm released

It’s not every day you get to release a freelance project as open source, but in this case I’m pleased to be able to release flshm as open source on GitHub.

This project was developed for a client who wanted to add some new features to an existing Flash-based project, but was running into some limitations due to the sandboxing features, which are present even when publishing a desktop application.

Although I haven’t actively developed for Flash in some time, nor do I particularly like the platform anymore, this project presented some interesting challenges as it drew on my reverse engineering talents as well as my C programming skills. It also led to some interesting security-related discoveries, in that the shared memory backing the system is not secure on all systems.

An interesting security-related find:

One thing to keep in mind: the shared memory system they designed has some security weaknesses that you should consider before storing any information in the shared-memory-backed features, even if you are not using this library.

As vaguely referenced in the docs, by default on Mac OS the shared memory is shared among user accounts on the same system, for backwards compatibility with when Mac OS was single-user (there is an option to make the data unique to each user). The situation is actually worse than that. The way it keeps data separate for each user on *nix systems is by using a deterministic hash of the user ID. With native code like this, however, it’s actually possible to read and write the shared memory of other user accounts on the same system with just the user ID on *nix systems.

On the plus side, the Windows API is different and I don’t believe it has this flaw. The sandboxing in modern browsers may also offer some protection from this issue, depending on the context.
