Date:      Wed, 23 May 2007 21:17:48 -0400
From:      Kris Kennaway <kris@obsecurity.org>
To:        Julian Elischer <julian@elischer.org>
Cc:        Poul-Henning Kamp <phk@phk.freebsd.dk>, Colin Percival <cperciva@freebsd.org>, "freebsd-arch@freebsd.org" <freebsd-arch@freebsd.org>
Subject:   Re: RFC: Removing file(1)+libmagic(3) from the base system
Message-ID:  <20070524011748.GA68201@xor.obsecurity.org>
In-Reply-To: <4654E287.3040206@elischer.org>
References:  <7158.1179947572@critter.freebsd.dk> <4654E083.10807@freebsd.org> <4654E287.3040206@elischer.org>

On Wed, May 23, 2007 at 05:55:35PM -0700, Julian Elischer wrote:
> Colin Percival wrote:
> >Poul-Henning Kamp wrote:
> >>In message <46546E16.9070707@freebsd.org>, Colin Percival writes:
> >>>I'd like to remove file(1) and libmagic(3) from the FreeBSD base system
> >>>for the following reasons:
> >>One mitigating option would be to open the magic file and input
> >>and sequester the file process in a jail.
> >
> >Last time I checked, unprivileged processes couldn't jail themselves.  We
> >could make file(1) setuid root and use a privilege separation approach,
> >but I'm not convinced that would be a net win.
> 
> How about a bit in the headers of a program that are set by the Makefile.
> If the bit is not set then the elf program executor sets a bit that
> forbids exec from ever running..
> 
> how many programs actually need to be able to run exec..
> the average exploit does an exec(/bin/sh)

Cart before horse.  Colin needs to first tell us what attack he is
trying to stop before we can figure out how to stop it.

Kris

P.S. These days we have the MAC subsystem, no need for magic hacks of
this nature.


