From owner-freebsd-hackers@FreeBSD.ORG Sun Sep 2 17:14:26 2007 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B739416A417 for ; Sun, 2 Sep 2007 17:14:26 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.freebsd.org (Postfix) with ESMTP id A457813C4B5 for ; Sun, 2 Sep 2007 17:14:26 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 077D14710B; Sun, 2 Sep 2007 13:14:26 -0400 (EDT) Date: Sun, 2 Sep 2007 18:14:25 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Max Laier In-Reply-To: <200709021813.28332.max@love2party.net> Message-ID: <20070902181330.W21906@fledge.watson.org> References: <45910cf20709011027o546363e2h4f5646b15e0f84a2@mail.gmail.com> <200709021813.28332.max@love2party.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-hackers@freebsd.org, Klaus Schneider Subject: Re: Exclusive binary files X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Sep 2007 17:14:26 -0000 On Sun, 2 Sep 2007, Max Laier wrote: > On Saturday 01 September 2007, Klaus Schneider wrote: > >> Well, anybody know a way to make the FreeBSD run just binaries that I have >> compiled? >> >> For example: A hacker get a access to a shell into my server, and then it >> put a exploit code, but on the machine don't have a compiler, then he tries >> to put the compiled exploit... supose that I can't mount the users >> partition in "noexec" mode... >> >> Anybode knows a solution for these? > > IIRC csjp@ had some code to do this inside the MAC framework. Storing > hashes in extended attributes and only allowing execution of signed > executables ... > http://perforce.freebsd.org/fileLogView.cgi?FSPC=//depot/projects/trustedbsd/mac/sys/security/mac%5fchkexec/mac%5fchkexec.c > ... not sure what became of it, though. I believe he also was able to verify other things, such as shared libraries, which for modern binaries is the obvious next step given that a fair chunk of code run in many programs isn't in the main program binary. Robert N M Watson Computer Laboratory University of Cambridge