Another cool attack on this mechanism is if the binary uses shared
libraries: modify LD_LIBRARY_PATH so that its favorite shared library is
your own version of the library, that proceeds to dump the entire
application to disk when executed.
The challenge of adding additional sandbox/restrictions outside of the
traditional uid boundaries in UNIX is challenging. The number of ways to
influence a program's execution is quite sizable...
On Sun, 25 Jul 1999 [EMAIL PROTECTED] wrote:
>
>
> jk> Yes, but /if/ KTRACE is present, today's code allows you to bypass
> jk>the lack of read permissions on an executable. That shouldn't be
> jk>allowed. The current behaviour could be regarded as a security
> jk>hole actually :).
>
> sef> No more so than core dumps do.
>
> Yes, but an application can protect itself from an inadvertent core dump.
> It can't (today) against being ktrace'd.
>
> sef> I vote strongly against this change.
>
> Noted, thanks.
>
> I will summarize the result of the discussion in a followup to kern/3546.
>
> Regards,
> Koshy
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-hackers" in the body of the message
>
Robert N M Watson
[EMAIL PROTECTED] http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Computing Laboratory at Cambridge University
Safeport Network Services
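
An added example, not part of the original thread: the quoted reply says an application can protect itself from an inadvertent core dump, and one common way to do that is to drop its own RLIMIT_CORE to zero at startup. The function names are hypothetical; this does nothing against ktrace or a substituted shared library, which is the gap the thread is discussing.

```c
#include <stdio.h>
#include <sys/resource.h>

/* Report whether both the soft and hard core-size limits are zero.
 * Returns 1 if so, 0 if not, -1 if the limit cannot be read. */
int core_limit_is_zero(void)
{
    struct rlimit rl;

    if (getrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    return (rl.rlim_cur == 0 && rl.rlim_max == 0) ? 1 : 0;
}

/* Disable core dumps for this process and anything it later forks.
 * Lowering the hard limit as well as the soft one matters: an
 * unprivileged process cannot raise a hard limit again, so code that
 * runs later in the same process cannot quietly re-enable dumps.
 * Returns 0 on success, -1 on failure. */
int disable_core_dumps(void)
{
    struct rlimit rl = { 0, 0 };   /* rlim_cur = 0, rlim_max = 0 */

    if (setrlimit(RLIMIT_CORE, &rl) != 0)
        return -1;
    /* Read the limit back instead of trusting the call. */
    return core_limit_is_zero() == 1 ? 0 : -1;
}

int main(void)
{
    if (disable_core_dumps() != 0) {
        perror("disable_core_dumps");
        return 1;
    }
    puts("core dumps disabled (soft and hard limit are 0)");
    /* ... the program's real work would start here ... */
    return 0;
}
```

The call belongs at the very start of the program, before any sensitive data is loaded into memory.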