From owner-freebsd-security Thu Dec 24 13:35:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA23145 for freebsd-security-outgoing; Thu, 24 Dec 1998 13:35:00 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from phoenix (phoenix.aye.net [206.185.8.134]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id NAA23132 for ; Thu, 24 Dec 1998 13:34:58 -0800 (PST) (envelope-from brich@aye.net) Received: (qmail 903 invoked by uid 7506); 24 Dec 1998 21:32:25 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 24 Dec 1998 21:32:25 -0000 Date: Thu, 24 Dec 1998 16:32:24 -0500 (EST) From: Barrett Richardson To: Casper cc: "freebsd-security@FreeBSD.ORG" Subject: Re: Magic In-Reply-To: <3682A65B.8CFB144F@acc.am> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 25 Dec 1998, Casper wrote: > Did anyone tried to cjange loader's MAGIK in the exec's header and recompile > system ... I think it'll disallow to upload some executable and run it on target > system ...... > So if you have recompiled system , chrooting all your network services - from > telnetd till httpd, ftpd & etc. , dont place compiler, mknod in chrooted dirs > and disallow reading of executable files ..only --x , how intruder can break > this protection ? > Of course i assume that system configured properly ...... > I used a different means to the same end. I used a flag bit that can only be set by root and require it to be set in imgact_aout.c, imgact_elf.c and imgact_gzip.c for non root users. Wrote a util to set the flag on files in /bin, /sbin, /usr/{bin,sbin}, /usr/libexec, /usr/local/{bin,sbin}. Used the same return code for a bad magic number. Whenever you try to execute a binary that doesn't have the flag set it spits out "cannot execute binary file". A user can even copy a system binary to his directory, and the copy won't run -- and only root can set the flag to make it run. Got the idea from John Dyson. I have been thinking of incorporating the behaviour into one of the securelevels on my system. - Barrett > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message