Date: Wed, 26 Aug 1998 02:32:56 +1000 (EST)
From: Nicholas Charles Brawn <ncb05@uow.edu.au>
To: freebsd-security@FreeBSD.ORG
Subject: trusted path execution patch
Message-ID: <Pine.SOL.4.02A.9808260223120.247-100000@banshee.cs.uow.edu.au>
Modelled somewhat on route's patch released in phrack52 that performs the same function (for Linux though), I've written a small patch to kern_exec.c that does just about the same thing.

For those not familiar with route's patch (Phrack 52, article 6), it limits the execution of binaries to those in directories designated as "trusted". That being (in this case), those that aren't writable by group or other, and are owned by either root, bin, or have the gid of a "trusted" group.

I've also hacked up access control for ld.so, to prevent unauthorised users using LD_LIBRARY_PATH and LD_PRELOAD to bypass the above patch. Configuration is via /etc/ld.access, which is the same format as login.access(5).

You can get the patches from
http://rabble.uow.edu.au/~nick/security/tpe.html

I'd appreciate it if people could test it out and report back on any problems or improvements. :)

Regards,
Nick

--
Email: ncb05@uow.edu.au - http://rabble.uow.edu.au/~nick
Key fingerprint = DE 30 33 D3 16 91 C8 8D A7 F8 70 03 B7 77 1A 2A
"When in doubt, ask someone wiser than yourself..." -unknown

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message