From owner-freebsd-security Wed Aug 18 16:55:57 1999
Delivered-To: freebsd-security@freebsd.org
Received: from phoenix.aye.net (phoenix.aye.net [206.185.8.134])
    by hub.freebsd.org (Postfix) with SMTP id D09B115915
    for ; Wed, 18 Aug 1999 16:55:45 -0700 (PDT)
    (envelope-from barrett@phoenix.aye.net)
Received: (qmail 10878 invoked by uid 1000); 18 Aug 1999 23:48:23 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
    by localhost with SMTP; 18 Aug 1999 23:48:23 -0000
Date: Wed, 18 Aug 1999 19:48:23 -0400 (EDT)
From: Barrett Richardson
To: Mike Tancsa
Cc: freebsd-security@freebsd.org
Subject: Re: Any work around for this FreeBSD bug/DoS ?
In-Reply-To: <4.1.19990817212048.0526b150@granite.sentex.ca>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, 17 Aug 1999, Mike Tancsa wrote:

> >I've been using a mechanism that prevents the running of arbitrary
> >executables on my systems. I require a flag bit to be set for an
> >executable to be run -- so if a script kiddie uploads or creates
> >a binary executable it won't run, unless I approve it by setting the
> >flag. At the moment I let shell scripts slide which will leave you
> >vulnerable to perl -- but that could be easily changed.
>
> Interesting concept, but I guess it would get only the dumbest script
> kiddies. Also, more and more exploits seem to be released on perl to make
> them 'cross platform compatible'.
>
> ---Mike

Indeed true, but not a problem. Require scripts to have the flag also,
and hack perl to check for the flag for scripts passed on the command
line. I currently am not implementing it this way, but have it ready to
go into place should it become a problem.

Additionally I put a small hack into ld-elf.so.1 so that everything gets
the same level of trust as a suid executable as far as LD_LIBRARY_PATH
is concerned.

- Barrett
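
The policy described in this message, modelled in user space as an added example; it is not Barrett's kernel, perl or ld-elf.so.1 changes. `FLAG_APPROVED`, `struct file_meta` and the function names are hypothetical, and the sample files are constructed.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define FLAG_APPROVED 0x1u   /* hypothetical bit; the post does not name its flag */
struct file_meta {           /* constructed stand-in for a file on disk */
    const char *head;        /* first bytes of the file */
    size_t head_len;
    unsigned flags;          /* per-file flag bits */
};

static bool approved(const struct file_meta *f) { return (f->flags & FLAG_APPROVED) != 0; }
static bool is_elf(const struct file_meta *f) { return f->head_len >= 4 && memcmp(f->head, "\177ELF", 4) == 0; }
static bool is_script(const struct file_meta *f) { return f->head_len >= 2 && memcmp(f->head, "#!", 2) == 0; }

/* Exec-time gate: ELF binaries always need the bit; "#!" scripts need it only
 * when strict_scripts is set (the post lets scripts slide by default). */
bool exec_allowed(const struct file_meta *f, bool strict_scripts) {
    if (is_elf(f)) return approved(f);
    if (is_script(f)) return strict_scripts ? approved(f) : true;
    return false;            /* not an executable format at all */
}

/* "perl script.pl": only the interpreter passes through exec, so the script is
 * checked only if the interpreter itself has been patched to look at the bit. */
bool interp_run_allowed(const struct file_meta *interp, const struct file_meta *script,
                        bool strict_scripts, bool interp_checks_flag) {
    if (!exec_allowed(interp, strict_scripts)) return false;
    return interp_checks_flag ? approved(script) : true;
}

/* Loader side: LD_LIBRARY_PATH is ignored for set-id programs; the post's
 * change gives every program that same treatment. */
bool loader_honors_ld_library_path(bool is_setid, bool treat_all_as_setid) {
    return !(is_setid || treat_all_as_setid);
}

/* Constructed samples: an approved interpreter, an uploaded binary and script. */
const struct file_meta perl_bin = { "\177ELF\2\1\1", 7, FLAG_APPROVED };
const struct file_meta uploaded_bin = { "\177ELF\2\1\1", 7, 0 };
const struct file_meta uploaded_pl = { "#!/usr/bin/perl\n", 16, 0 };

int main(void) {
    printf("uploaded binary: %d\n", exec_allowed(&uploaded_bin, false));
    printf("perl uploaded.pl, stock perl: %d\n", interp_run_allowed(&perl_bin, &uploaded_pl, true, false));
    printf("perl uploaded.pl, patched perl: %d\n", interp_run_allowed(&perl_bin, &uploaded_pl, true, true));
    return 0;
}
```

The second and third lines of output show why the exec-time flag alone does not cover scripts handed to an approved interpreter as an argument.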