Date: Fri, 3 Jul 1998 04:26:00 +1200 From: andrew@squiz.co.nz (Andrew McNaughton) To: security@FreeBSD.ORG Subject: Re: bsd securelevel patch question Message-ID: <v02120d09b1c15d8dc803@[192.168.1.2]>
next in thread | raw e-mail | index | archive | help
>Eh? If ssh/smtp/inetd bind to the port you won't be able to, no >matter how often you try. Unless the server is restarted for some reason. hence the rapid cron job which will eventually succeed if not detected first. >And you won't be able to steal keys >by hijacking sshd. If the trojan gets to tell the other end what public key to use, then of course it can get at the data stream. This is equally true with routing/man-in-the-middle attacks. Without access to master.passwd though it can't do a very good job of masquerading as an authentication agent. It will fail to emulate any authentication unless that can be done by accepting any connection regardless. I don't know enough about the authentication systems ssh uses to know which if any are vulnerable here. >I still agree with you for other reasons though, if an attacker >creates a new service people might use it even though it isn't a >legitimate service setup my the sysadmin. > >Whats wrong with a /dev/socket/tcp/XYZ acl type scheme? If the >process has permission to read /dev/socket/tcp/83 then they can >bind to port 83, you could make it a procfs type filesystem so all >the ACL information was in memory for speed. Then you've got to >save/restore state though. > >Niall I don't know enough about TCP/IP details to know if this makes sense, but perhaps you could use these as more than just flags and allow programmers to bind to the socket by just opening the appropriate device file. ie #!/usr/local/bin/perl open (SMTP, "</dev/socket/tcp/25"); I'm not sure if that could work with sockets. I'd be interested if someone more knowledgeable could comment on this. Andrew @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ The effort to understand the universe is . Andrew McNaughton one of the very few things that lifts . ++64 4 389 6891 human life above the level of farce, . . andrew@squiz.co.nz and gives it some of the grace . http://www.squiz.co.nz of tragedy - Steven Weinberg . http://www.newsroom.co.nz @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v02120d09b1c15d8dc803>