Date:      Sun, 14 Jun 1998 11:23:53 +0100
From:      njs3@doc.ic.ac.uk (Niall Smart)
To:        dima@best.net, avalon@coombs.anu.edu.au (Darren Reed)
Cc:        jayrich@room101.sysc.com, security@FreeBSD.ORG
Subject:   Re: bsd securelevel patch question
Message-ID:  <E0yl9x3-00077K-00@oak71.doc.ic.ac.uk>
In-Reply-To: dima@best.net (Dima Ruban) "Re: bsd securelevel patch question" (Jun 13, 11:03pm)


On Jun 13, 11:03pm, Dima Ruban wrote:
} Subject: Re: bsd securelevel patch question
>
> > > According to Thomas Ptacek, this is not exactly a bug, and after thinking some
> > > more about it, I kinda agree with him. (Feature, not a bug)
> > 
> > Given it is exploitable, whether or not it is a feature, is irrelevant.
> > It permits the protection intended by securelevel over /dev/kmem to be
> > bypassed, reducing the overall security of the system.
> 
> Hmm, this is not exactly bypassing a protection, you know.
> Mainly because this protection is simply not targeted for this.

That's arguable; consider this quote from the D&I of 4.4BSD:

   Files marked immutable include those that are frequently the subject
   of attack by intruders (e.g., login and su).  The append-only flag
   is typically used for critical system logs.  If an intruder breaks
   in, he will be unable to cover his tracks.  Although simple in 
   concept, these two features improve the security of a system
   dramatically.

I've already posted the following argument to bugtraq, but I'll repeat
it again here.

Why do they advocate protecting login and su if such protection can
be trivially defeated using the same techniques we demonstrated in
the attack on inetd?  And why do they claim these features improve the
security of a system "dramatically" if they can be bypassed so easily?

What use are securelevels without propagating the immutable flag?

Niall
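As an added illustration (not part of Niall's message or anything posted by the thread's participants), the following Python script audits the property Niall is asking about: whether the system-immutable flag on a protected file such as login, su or a critical log is also carried by every directory above it. The assumption that ancestor directories need the flag for the file's flag to be meaningful is the script's own, not a claim from the thread. The flag lookup is injected so the check runs against a constructed flag map on a host without BSD file flags; on a BSD system the default `lstat`-based lookup is used.

```python
"""Audit whether the immutable flag on a protected file is propagated up
its directory chain.  Added illustration, not code from the thread.

Assumption (not stated in the thread): SF_IMMUTABLE on a file, set with
chflags(1) on BSD, is only a complete protection at an elevated securelevel
if every ancestor directory is immutable as well.  The flag lookup is
injected so the audit can run against a constructed flag map on a
non-BSD host, where os.lstat() has no st_flags attribute.
"""
import os
import stat
from typing import Callable, Dict, List

# A file counts as "protected" if it is immutable or append-only (logs).
PROTECTED = stat.SF_IMMUTABLE | stat.SF_APPEND
NOT_PROTECTED = "<file itself not protected>"


def default_flags_of(path: str) -> int:
    """Read BSD file flags via lstat; st_flags is absent on Linux, so 0 there."""
    return getattr(os.lstat(path), "st_flags", 0)


def ancestors(path: str) -> List[str]:
    """All directories from the file's parent up to the root, nearest first."""
    out = []
    cur = os.path.dirname(os.path.abspath(path))
    while True:
        out.append(cur)
        parent = os.path.dirname(cur)
        if parent == cur:          # reached the filesystem root
            return out
        cur = parent


def unprotected_ancestors(path: str,
                          flags_of: Callable[[str], int] = default_flags_of) -> List[str]:
    """Ancestor directories of `path` that lack SF_IMMUTABLE.
    An empty list means the flag is propagated all the way to the root."""
    return [d for d in ancestors(path) if not flags_of(d) & stat.SF_IMMUTABLE]


def audit(paths, flags_of: Callable[[str], int] = default_flags_of) -> Dict[str, List[str]]:
    """Map each path to its weak ancestors; a file that is not itself
    immutable or append-only is reported with the NOT_PROTECTED marker."""
    report = {}
    for p in paths:
        if not flags_of(p) & PROTECTED:
            report[p] = [NOT_PROTECTED]
        else:
            report[p] = unprotected_ancestors(p, flags_of)
    return report


# Constructed flag map standing in for lstat() on a BSD host: login and su
# are schg and the log is sappnd, but only /usr/bin carries schg above them.
CONSTRUCTED_FLAGS = {
    "/usr/bin/login": stat.SF_IMMUTABLE,
    "/usr/bin/su": stat.SF_IMMUTABLE,
    "/usr/bin": stat.SF_IMMUTABLE,
    "/usr": 0,
    "/": 0,
    "/var/log/messages": stat.SF_APPEND,
    "/var/log": 0,
    "/var": 0,
}


def constructed_flags_of(path: str) -> int:
    """Flag lookup against the constructed map (unknown paths have no flags)."""
    return CONSTRUCTED_FLAGS.get(path, 0)


if __name__ == "__main__":
    targets = ["/usr/bin/login", "/usr/bin/su", "/var/log/messages"]
    for f, weak in audit(targets, constructed_flags_of).items():
        print(f, "->", "ok" if not weak else weak)
```

Run with no arguments it reports against the constructed map; on a BSD host, pass `default_flags_of` (or omit the argument) and a list of real paths to audit the live system. An empty list for a path is the only result that means the protection described in the D&I quote is not undercut by a writable directory above the file.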
