The Aegis Security system checks each executable's md5 when it is executed.But the referred md5(calculated when the executable first installed) is stored in an unsafe file.
/var/lib/aegis/refhashlist (or some path like this)
The file has a rw-rw-rw- permission which means any user could read and write it.
So,a malware executed by user(with lowest permission) could just write it to an empty file to break the Aegis and crash the MeeGo OS.
For example:
-----------
Don't try this on your phone!!!!
----------
I tried this on a newly flashed N9 device with a 3rd party terminal without developer mode.

I just simply run:
echo ''>>The path to the refhashlist file.

And

echo ''>>There is also a refhashlist.bak file.

If you do so,any executable with root permission won't run again.The device won't shutdown unless you force it by long-press the power button.

The device reports OS error and request fixing when you try to boot it after the force shutdown.

I'm afraid that this would be a critical safety problem for MeeGo.

By the way,is there a security problem with the OpenSSH Server installed by Developer Mode?

Please replace > with >

That's a bit strange since I vaguely recall that refhashlist is protected by aegis. (could be wrong since it is years since I played with N9 but still...)

newly flashed but still in openmode?

Accli -I returns normal
EMMC cleaned by flasher --erase-user-data
Th bin file was original.

Pretty sure that not openmode.

Will this situation happen????
I've never met this.

Do not try to remove the file.(Permission Denied)
Just rewrite it.

I could also not remember and my device is in OpenMode so no reference.

Please follow all the 'this' links from this post on
http://talk.maemo.org/showthread.php?t=96282
via
http://talk.maemo.org/showthread.php...95#post1498795
and you will end here
http://talk.maemo.org/showthread.php...9&postcount=70
which tells me refhashlist was writable but only with caution!