Date: Mon, 26 Jul 1999 10:07:37 -0600 From: Nate Williams <nate@mt.sri.com> To: jkoshy@FreeBSD.org Cc: Nate Williams <nate@mt.sri.com>, freebsd-hackers@FreeBSD.org Subject: Re: deny ktrace without read permissions? Message-ID: <199907261607.KAA18859@mt.sri.com> In-Reply-To: <199907260450.VAA10559@freefall.freebsd.org> References: <199907241724.LAA13835@mt.sri.com> <199907260450.VAA10559@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> The PR proposes (and the patch given earlier implements) tighter > security on the premise that security in the presence of KTRACE > should be at least as tight as without KTRACE. It achieves this > by requiring read permissions on an executable before it can be > KTRACE'd. As other have pointed out, if you're good enough to reverse engineer a program from just it's syscall, you're probably good enough to stick in a new shared library that allows you to 'reverse engineer' w/out requiring KTRACE. Again, security through obscurity is never a good solution, and this is just that wrapped in different clothes. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907261607.KAA18859>