Date:      Sun, 25 Aug 1996 21:13:13 -0700 (PDT)
From:      Nathan Lawson <nlawson@kdat.csc.calpoly.edu>
To:        gene@starkhome.cs.sunysb.edu (Gene Stark)
Cc:        freebsd-security@freebsd.org
Subject:   Re: Xt Vulnerability and suggested exec patch
Message-ID:  <199608260413.VAA16519@kdat.calpoly.edu>
In-Reply-To: <199608260330.XAA12903@starkhome.cs.sunysb.edu> from "Gene Stark" at Aug 25, 96 11:30:42 pm

> This is the worst one yet for me.  A crazy idea occurred to me, what do
> other people think?  Why not nip all this stuff in the bud by changing the
> semantics of exec() so that setuid privilege is turned off unless the
> program has previously executed a (new) system call that says "I really
> want setuid privileges to be passed to my children."

No.  Since this is an overflow problem, the exploiter can execute arbitrary
assembly code on the target.  This can be any system call and the OS has no
way of knowing whether the program wishes to make this call or has been 
subverted to do so.

In your proposed OS, the assembly code would be "exec /bin/sh, and yes, I do 
want setuid privileges passed to my children."

-- 
Nate Lawson                  "There are a thousand hacking at the branches of
CPE Senior                    evil to one who is striking at the root."
CSL Admin                              -- Henry David Thoreau, 'Walden', 1854
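
A toy model of the proposed exec() semantics and of the objection raised in the reply above, added here as an illustration; it is not code from either poster or from FreeBSD. The opt-in call name `keep_setuid`, the uid 1000, the helper path and the one-exec lifetime of the flag are assumptions made for the model.

```python
from dataclasses import dataclass

ROOT = 0

@dataclass
class Proc:
    ruid: int                    # real uid of the invoking user
    euid: int                    # effective uid (0 for a setuid-root binary)
    keep_setuid: bool = False    # set by the hypothetical opt-in syscall
    image: str = "setuid-prog"   # name of the program currently running

def sys_keep_setuid(p: Proc) -> None:
    """Hypothetical opt-in call. The kernel learns only that the process
    issued it, not which code inside the process was responsible."""
    p.keep_setuid = True

def sys_exec(p: Proc, path: str) -> None:
    """Proposed exec(): drop the effective uid unless the process opted in."""
    if not p.keep_setuid:
        p.euid = p.ruid
    p.keep_setuid = False        # assumption: the opt-in covers one exec only
    p.image = path

SYSCALLS = {"keep_setuid": sys_keep_setuid, "exec": sys_exec}

def run(trace, ruid=1000):
    """Replay a syscall trace in a fresh setuid-root process; return its state."""
    p = Proc(ruid=ruid, euid=ROOT)
    for name, *args in trace:
        SYSCALLS[name](p, *args)
    return p

# Constructed traces. These tuples are everything the kernel gets to see.
exec_only = [("exec", "/bin/sh")]                       # no opt-in issued
intended  = [("keep_setuid",), ("exec", "/usr/libexec/helper")]
subverted = [("keep_setuid",), ("exec", "/bin/sh")]     # the case in the reply

if __name__ == "__main__":
    for label, trace in [("exec only", exec_only),
                         ("intended opt-in", intended),
                         ("subverted", subverted)]:
        p = run(trace)
        print(f"{label:16} -> image={p.image} euid={p.euid}")
```

The privilege decision in `sys_exec` depends only on process state, so the intended and subverted traces are treated identically; only the trace that never issues the opt-in call loses its effective uid.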


