Date: Wed, 18 Aug 1999 17:22:36 -0700 (PDT) From: Jonathan Rozes <jrozes+935022158.3658973423@vinton.com> To: Barrett Richardson <barrett@phoenix.aye.net> Cc: Mike Tancsa <mike@sentex.net>, freebsd-security@FreeBSD.ORG Subject: Re: Any work around for this FreeBSD bug/DoS ? Message-ID: <Pine.SGI.3.96.990818170353.837A-100000@molloy.vinton.com> In-Reply-To: <Pine.BSF.4.01.9908181937100.4210-100000@phoenix.aye.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 18 Aug 1999, Barrett Richardson wrote: > Indeed true, but not a problem. Require scripts to have the flag also, > and hack perl to check for the flag for scripts passed on the command > line. That's not enough to 'fix' perl. You'll also need to take away from perl the ability to use the '-e' switch and the ability to read from stdin. If you want to be really pedantic, you could also force taint checking for all scripts, regardless of whether they want it or not. I started to implement something like this for OpenBSD, using the regular filesystem immutable flag on binaries, but stopped when I kept thinking of new ways for a determined attacker to bypass it. In the end, I just arranged things such that all filesystems with directories writable by non-root users were mounted noexec. > Additionally I put a small hack into ld-elf.so.1 so that everything gets > the same level of trust as a suid executable as far as LD_LIBRARY_PATH > is concerned. Why use shared libraries at all on a security-critical system? Cheers, jonathan +++ Jonathan Rozes, System Administrator, Will Vinton Studios To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SGI.3.96.990818170353.837A-100000>