Security Fix: only allow certain messages through DEVICE_MESSAGESEND
DEVICE_MESSAGESEND is a MASSIVE security hole in wait, as anything from the outside world can send messages to other devices.
The ultimate solution is a mandatory access control mapping table that only allows certain messages from messagesend to go to other devices.
questions, can we do this by asking for parent process and using this as the originator part of the credentials?
Do we just need to completely rethink messagesend?
-Thom