From owner-freebsd-security  Thu Jan 20 14:56:14 2000
Date: Thu, 20 Jan 2000 14:53:44 +0200
From: Giorgos Keramidas <charon@hades.hell.gr>
To: Spidey <beaupran@iro.umontreal.ca>
Cc: Omachonu Ogali <oogali@intranova.net>,
	Alexander Langer <alex@big.endian.de>,
	Jonathan Fortin <jonf@revelex.com>, freebsd-security@FreeBSD.ORG
Subject: Re: sh?
Message-ID: <20000120145344.A352@hades.hell.gr>
Reply-To: keramida@ceid.upatras.gr
References: <14467.56256.337327.619067@anarcat.dyndns.org> <Pine.BSF.4.10.10001172254020.97329-100000@hydrant.intranova.net> <14470.2714.445315.624901@anarcat.dyndns.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0pre3i
In-Reply-To: <14470.2714.445315.624901@anarcat.dyndns.org>
X-PGP-Fingerprint: 62 45 D1 C9 26 F9 95 06  D6 21 2A C8 8C 16 C0 8E
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Wed, Jan 19, 2000 at 02:03:54PM -0500, Spidey wrote:
>
> Yes, but you'll have to patch every single shell... Unless the
> attacker is not aware of the measure. It is too simple to change an
> exploit code to use (say) csh instead of sh. Even then, one could
> exploit other executables.

And then, there is perl, awk, sed, hell, even ghostscript can be used to
read from and write to files.  I think that by trying to patch the
programs themselves to avoid execution of certain programs, we're
trying to solve the specific instance, forgetting about the general
case.

> I would favor more the idea of implementing this in the kernel...

ACLs would be nice, thank you.

Ciao.

-- 
Giorgos Keramidas, < keramida @ ceid . upatras . gr >
"Don't let your schooling interfere with your education." [Mark Twain]

