Date:      Wed, 16 Dec 1998 05:40:35 +1300
From:      Joe Abley <jabley@clear.co.nz>
To:        Mark Murray <mark@grondar.za>
Cc:        Kevin Day <toasty@home.dragondata.com>, freebsd-current@FreeBSD.ORG, jabley@clear.co.nz
Subject:   Re: modification to exec in the kernel?
Message-ID:  <19981216054035.C27078@clear.co.nz>
In-Reply-To: <199812150644.IAA67338@greenpeace.grondar.za>; from Mark Murray on Tue, Dec 15, 1998 at 08:44:16AM +0200
References:  <19981215120357.B11837@clear.co.nz> <199812142331.RAA17203@home.dragondata.com> <19981215124818.A22526@clear.co.nz> <199812150644.IAA67338@greenpeace.grondar.za>

On Tue, Dec 15, 1998 at 08:44:16AM +0200, Mark Murray wrote:
> Joe Abley wrote:
> > I looked at that; however, remember the users will have chrooted access
> > to their directories, and within the chrooted tree will be /usr and
> > descendants containing controlled binaries (owned by someone else, e.g.
> > "root") like perl, awk, sh, etc.
> 
> Your security model is flawed. A user can do anything she wants
> (just about) with shell script and perl. Picking on compiled binaries
> is not going to make you that much safer.

"Just about" - so there are _some_ exploits that would require a user-supplied
binary? So preventing execution of user-supplied binaries does give _some_
safety benefit?

I take your point, though - I was forgetting how much feature bloat there
is in perl.

Why people can't just make do with awk is a little beyond me :)


Joe

