Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: ANNOUNCE: Medusa DS9 security system
From: elw () DNS1 STDERR ORG (elijah wright)
Date: Tue, 15 Feb 2000 22:32:39 -0600


 communicates with the kernel using character device to send and receive
 "packets". Daemon contains the whole logic and implements the concrete
 security policy. That means, that medusa can (as opposite to another
[...]
 * ability to enforce process to execute an arbitrary code. This feature
   is usefull to enforce logging drom that process and so.

the fact that your program has both a userspace and a kernel-space
component makes it almost immediately suspect as "vulnerable".  kind of
funny for me to get to reply to a "security tool" announcement with a
notice-of-warning.

has the source to the userspace module been audited yet?  hopefully by
someoen other than the authors?

that last part sounds like it might make, with a few mods, a great 3l33t
h () x0r tool :)  perhaps it might be most useful to someone good enough to
get a rootshell but not good enough to hack away at the process table by
themselves.

all in all, this thing scares me.

elijah


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]