From owner-freebsd-security Fri Jun 26 10:18:54 1998
Date: Fri, 26 Jun 1998 13:16:24 -0400 (EDT)
From: jtb
To: Wojciech Sobczuk
cc: fpscha@schapachnik.com.ar, Niall Smart, ncb05@uow.edu.au, security@FreeBSD.ORG
Subject: Re: non-executable stack?

Actually, Brian Matthews brought this idea up to me last fall, and the more I've been thinking about it lately, why not just deny a handful of ctrl-chars that a buffer overflow needs, i.e. 0x90, 0xff, etc. I'd have to say there is a minimal number of ctrl-chars we can disallow to stop your average script kiddie from sending shellcode into a process via cmdline or environment arguments. This method won't really protect against attacks involving sscanf()'ing data from files a la the Vixie Cron bug for RH 4.x, but security will definitely be improved with minimal losses functionality-wise.

Let me know what you guys think. All replies are welcomed, critical or not.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Jonathan T. Bowie                                   ADM w00w00 WSD
jobe@sekurity.org  jtb@pubnix.org  jobe@dataforce.net
Independent Security Developer                      Home: (603)436-5698
"I'd hate to advocate drugs, sex, alcohol, or       Cell: (603)553-6697
violence... to any one, but they've worked for me."
                                        -- Hunter S. Thompson
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

On Fri, 26 Jun 1998, Wojciech Sobczuk wrote:

> On Thu, 25 Jun 1998, Fernando P. Schapachnik wrote:
>
> > In an earlier message Niall Smart wrote:
> > > be to only turn it on for set[ug]id executables. There are a number
> > > of other "features" like this that would be useful, for example the
> > > ability to specify that only printable ascii characters can appear in
> > > the arguments or environment of a process before it can exec another.
> >
> > Don't forget about "international" users. We consider strings like
> > "compañía" perfectly valid ;-)
> >
> > Regards!
> >
> > Fernando P. Schapachnik
> > fpscha@schapachnik.com.ar
>
> hmm.. i always thought that '$' and '!' ARE printable characters..
> check out `man 3 isprint`
>
> wojtek
>
> - Wojtek Sobczuk aka sopel (a franc-tireur) -
> - sopel@hood.1lo.lublin.pl || wojtek@gaja.ipan.lublin.pl -
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe security" in the body of the message
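As an added example that is not code from the thread or from FreeBSD, here are the two filters the thread is weighing side by side: jtb's short byte deny list and the isprint(3) allow-list Niall Smart mentioned, run over a constructed environment vector that includes a Latin-1 "compañía". The deny-list contents (only the two bytes the post names), the function names and the sample strings are assumptions for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Policy A (jtb's proposal): reject any string containing one of a small
 * deny list of bytes. The list holds only the two bytes named in the post;
 * it is a placeholder for illustration, not a vetted set. */
static const unsigned char deny_bytes[] = { 0x90, 0xff };

/* Return 1 if the n-byte string s contains none of the denied bytes. */
int passes_denylist(const unsigned char *s, size_t n)
{
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < sizeof deny_bytes; j++)
            if (s[i] == deny_bytes[j])
                return 0;
    return 1;
}

/* Policy B (Niall Smart's variant): accept only bytes isprint(3) calls
 * printable. In the default C locale that is 0x20..0x7e, so '$' and '!'
 * pass (Wojtek's point) but any accented Latin-1 byte fails (Fernando's
 * objection). */
int passes_isprint(const unsigned char *s, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (!isprint(s[i]))
            return 0;
    return 1;
}

/* Run a policy over a NULL-terminated vector such as argv or envp.
 * Returns the index of the first rejected string, or -1 if all pass. */
int first_rejected(char *const vec[], int (*policy)(const unsigned char *, size_t))
{
    for (int i = 0; vec[i] != NULL; i++)
        if (!policy((const unsigned char *)vec[i], strlen(vec[i])))
            return i;
    return -1;
}

int main(void)
{
    /* Constructed environment: a Latin-1 "compañía" (0xf1 = ñ, 0xed = í)
     * and a run of the 0x90 byte the post names. */
    char *vec[] = { "LANG=es", "NAME=compa\xf1\xed" "a", "X=\x90\x90\x90", NULL };
    printf("deny list rejects index %d\n", first_rejected(vec, passes_denylist));
    printf("isprint   rejects index %d\n", first_rejected(vec, passes_isprint));
    return 0;
}
```

The deny list lets the accented string through and stops only the 0x90 run, while the isprint filter rejects the accented string first, which is exactly the functionality trade-off the thread is arguing about.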