From owner-freebsd-hackers Mon Jul 26 9:54:15 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from ns.mt.sri.com (ns.mt.sri.com [206.127.79.91]) by hub.freebsd.org (Postfix) with ESMTP id 9FF5F15188; Mon, 26 Jul 1999 09:54:11 -0700 (PDT) (envelope-from nate@mt.sri.com) Received: from mt.sri.com (rocky.mt.sri.com [206.127.76.100]) by ns.mt.sri.com (8.8.8/8.8.8) with SMTP id KAA28218; Mon, 26 Jul 1999 10:52:40 -0600 (MDT) (envelope-from nate@rocky.mt.sri.com) Received: by mt.sri.com (SMI-8.6/SMI-SVR4) id KAA19121; Mon, 26 Jul 1999 10:52:34 -0600 Date: Mon, 26 Jul 1999 10:52:34 -0600 Message-Id: <199907261652.KAA19121@mt.sri.com> From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: Dominic Mitchell Cc: jkoshy@FreeBSD.ORG, chris@calldei.com, hackers@FreeBSD.ORG Subject: Re: yet more ways to attack executing binaries (was Re: deny ktrace without read permissions? ) In-Reply-To: <19990726132132.B78403@voodoo.pandhm.co.uk> References: <19990726054037.D79022@holly.dyndns.org> <199907261116.EAA43920@freefall.freebsd.org> <19990726132132.B78403@voodoo.pandhm.co.uk> X-Mailer: VM 6.34 under 19.16 "Lille" XEmacs Lucid Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > LD_LIBRARY_PATH, LD_PRELOAD and LD_DEBUG are ignored for setuid executables > > in FreeBSD. > > But the point being made is that they are not ignored for executables > which have no read access. And from there, read access can be gained, > because at that point, you have code running in the process's address > space. That's right. In other words, there really is no way of protecting executable files from being read if someone is motivated enough. And, in an open-source OS like FreeBSD, it's not a viable solution in any case.... Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message