From owner-freebsd-current Tue Dec 15 09:13:38 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA22187 for freebsd-current-outgoing; Tue, 15 Dec 1998 09:13:38 -0800 (PST) (envelope-from owner-freebsd-current@FreeBSD.ORG) Received: from bright.fx.genx.net (bright.fx.genx.net [206.64.4.154]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA22182 for ; Tue, 15 Dec 1998 09:13:36 -0800 (PST) (envelope-from bright@hotjobs.com) Received: from localhost (bright@localhost) by bright.fx.genx.net (8.9.1/8.9.1) with ESMTP id MAA00808; Tue, 15 Dec 1998 12:17:35 -0500 (EST) (envelope-from bright@hotjobs.com) X-Authentication-Warning: bright.fx.genx.net: bright owned process doing -bs Date: Tue, 15 Dec 1998 12:17:35 -0500 (EST) From: Alfred Perlstein X-Sender: bright@bright.fx.genx.net To: Mark Murray cc: Joe Abley , Kevin Day , freebsd-current@FreeBSD.ORG Subject: Re: modification to exec in the kernel? In-Reply-To: <199812151658.SAA68881@greenpeace.grondar.za> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 15 Dec 1998, Mark Murray wrote: > Joe Abley wrote: > > On Tue, Dec 15, 1998 at 08:44:16AM +0200, Mark Murray wrote: > > "Just about" - so there are _some_ exploits that would require a user-supplied > > binary? So preventing execution of user-supplied binaries does give _some_ > > safety benefit? > > 0.001%. If you can do it in C, you can do it in perl. Buffer exploits > are much easier in C and assembler, though. A cracker with time is > a dangerous beast, remember. > > > I take your point, though - I was forgetting how much feature bloat there > > is in perl. > > > > Why people can't just make do with awk is a little beyond me :) > > Shellscript+awk+sed is a potent combination in the hands of an > uberhacker. > > Consider the case of the virus-written-in-shellscript; when last > and how often do you run tripwire? Are you _convinced_ that you > have _never_ (both absolutes) run a user-written substitute (possibly > trojaned) replacement for a system applet? > > I've hit a perl replacement for ls(1) that only gloated. Yes, I > was root. > I think the point here is so that the next "biggie" out on rootshell doesn't give every amatuer script kiddie root on your boxen. Any 'uberhacker' on the otherhand might find an overflow in any util to get it to run his arbitrary code. (i've seen vi segfault) It's not 1980, lock the doors and hope no one with a fireaxe comes knocking. Alfred Perlstein - Programmer, HotJobs Inc. - www.hotjobs.com -- There are operating systems, and then there's FreeBSD. -- http://www.freebsd.org/ 3.0-current > M > -- > Mark Murray > Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message