Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Buffer overflow prevention
From: Glynn Clements <glynn.clements () virgin net>
Date: Tue, 19 Aug 2003 02:55:28 +0100


Theo de Raadt wrote:

One of these days someone is going to use the magic of a system call
interposition mechanism such systrace; and for their application
accidentally create an operating system behaviour that is un-POSIX,
and some application is going to misbehave as a result of that change
and inadvertantly this will result in the CREATION of a hole.

For a concrete example regarding POSIX 1e capabilities (which
are essentially a "system call interposition mechanism"):

        http://ciac.llnl.gov/ciac/bulletins/k-064.shtml

Summary: If a root process doesn't have CAP_SETUID, attempts to give
up root privilege fail, resulting in the process continuing to run as
root.

-- 
Glynn Clements <glynn.clements () virgin net>


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]