Date:      Thu, 24 Dec 1998 16:32:24 -0500 (EST)
From:      Barrett Richardson <brich@aye.net>
To:        Casper <casper@acc.am>
Cc:        "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG>
Subject:   Re: Magic
Message-ID:  <Pine.BSF.3.96.981224161747.26595A-100000@phoenix.aye.net>
In-Reply-To: <3682A65B.8CFB144F@acc.am>



On Fri, 25 Dec 1998, Casper wrote:

> Did anyone try to change loader's MAGIC in the exec's header and recompile
> system ... I think it'll disallow to upload some executable and run it on target
> system ......
> So if you have recompiled system, chrooting all your network services - from
> telnetd till httpd, ftpd & etc., don't place compiler, mknod in chrooted dirs
> and disallow reading of executable files ..only --x, how intruder can break
> this protection ?
> Of course I assume that system configured properly ......
>

I used a different means to the same end. I used a flag bit that
can only be set by root and require it to be set in imgact_aout.c,
imgact_elf.c and imgact_gzip.c for non root users. Wrote a util
to set the flag on files in /bin, /sbin, /usr/{bin,sbin},
/usr/libexec, /usr/local/{bin,sbin}. Used the same return code
for a bad magic number. Whenever you try to execute a binary
that doesn't have the flag set it spits out "cannot execute
binary file". A user can even copy a system binary to his directory,
and the copy won't run -- and only root can set the flag to make it
run. Got the idea from John Dyson.

I have been thinking of incorporating the behaviour into one of the
securelevels on my system.
 
-

Barrett
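
The policy described in the message above, as an added userland model (not code from the original post or from FreeBSD): non-root callers may only execute files carrying a root-only flag, and a refusal uses the bad-magic error code. The flag name `F_EXEC_OK`, the struct and the `model_*` functions are hypothetical, and ENOEXEC is assumed to be the "bad magic number" return code.

```c
/* Userland model of the exec policy in the message; not kernel code. */
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>

#define F_EXEC_OK 0x1u   /* hypothetical name for the root-only flag bit */

struct file_model {
    uid_t owner;         /* owning uid */
    unsigned flags;      /* file flag bits */
};

/* Only root may set or clear the flag; any other caller gets EPERM. */
int model_set_flag(struct file_model *f, uid_t caller, int on)
{
    if (caller != 0)
        return EPERM;
    if (on)
        f->flags |= F_EXEC_OK;
    else
        f->flags &= ~F_EXEC_OK;
    return 0;
}

/* A copy is a new file: the caller owns it and the flag is not carried over. */
struct file_model model_copy(const struct file_model *src, uid_t caller)
{
    struct file_model dst = { caller, src->flags & ~F_EXEC_OK };
    return dst;
}

/* The check an image activator would make before running the file:
 * non-root callers need the flag, refusal looks like a bad magic number. */
int model_exec_check(const struct file_model *f, uid_t caller)
{
    if (caller != 0 && !(f->flags & F_EXEC_OK))
        return ENOEXEC;
    return 0;
}

int main(void)
{
    struct file_model ls = { 0, 0 };        /* constructed sample: a system binary */
    model_set_flag(&ls, 0, 1);              /* root's utility marks it */
    struct file_model mine = model_copy(&ls, 1001);
    printf("system binary as uid 1001: %d\n", model_exec_check(&ls, 1001));
    printf("user's copy as uid 1001:   %d\n", model_exec_check(&mine, 1001));
    printf("user sets flag on copy:    %d\n", model_set_flag(&mine, 1001, 1));
    return 0;
}
```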


> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 

