Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: systrace silently patches full local bypass vulnerability on Linux
From: marius aamodt eriksen <marius () umich edu>
Date: Tue, 30 Mar 2004 13:14:41 -0500

what's up with brad spengler?

brad has told me in person that he would not do security commercially
since he believed that would change the motivation for doing security
work; that it would become competitive, and thus "unpure."  brad -
what is your motivation now?

do you consider systrace a competitor now?  why are your motivations
now seemingly not pure?

as a member of the PHC, brad is credited with contributing to text
such as

   --[ 3.1.1 PHC-switch-a-w00

   This is an idea spawned off many, many hours of television from
   warez mullah. He suggested that you create a fake identity by
   creating a paper trail to your whitehat or w00w00 member because
   they make so much money for selling out. I suggest using someone
   like Dug Song because I'm sure Arbornet pays him pretty well for
   writing _shit_. Although I hear Niels Provos author of systrace
   (most useless and bug ridden security tool EVER) is now employed at
   Google. I would basically rely on using their credit card
   information to fund your jihad. So when the police go and track
   down serial numbers and shit like that. Their cc# connects to the
   shit you bought. Great for buying illegal hardware to store images
   monkey.org's user accounts! 

as you can see, brad uses his awesome interpersonal skills to make
friends with respected members of the computer security community.
people who have made real contributions, both academic and in
important software.

brad, isn't it funny we all presented projects, side-by-side, and had
fruitful discussions about computer security?  what happened?

   http://lsm.abul.org/program/topic02/topic02.php3

this attitude of yours seems to be consistent,

   http://www.monkey.org/openbsd/archive/misc/0304/msg01399.html

and even through artistic expression

   http://www.grsecurity.net/~spender/dsc18910.jpg

archived at

   http://monkey.org/~marius/tmp/spender-art-dsc18910.jpg

in case he changes it.

so brad -- what's up?

and for the record -- the reason i did not make a big fuss about the
ptrace issue is that in order to actually escape systrace protection
with this, the user would have to ehtier ptrace the process themselves
and/or explicitly allow sys_ptrace in the respective policy/ies.

marius.

-- 
marius a eriksen <marius () umich edu> | http://www.citi.umich.edu/u/marius/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]