Date: Mon, 29 Jun 1998 18:52:30 +0400 From: Vadim Kolontsov <vadim@tversu.ru> To: security@FreeBSD.ORG Subject: Re: non-executable stack? Message-ID: <19980629185230.A16373@tversu.ru> In-Reply-To: <E0yprtC-0006B4-00@oak67.doc.ic.ac.uk>; from Niall Smart on Sat, Jun 27, 1998 at 11:07:22AM %2B0100 References: <pfm@slack.net> <E0yprtC-0006B4-00@oak67.doc.ic.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jun 27, 1998 at 11:07:22AM +0100, Niall Smart wrote: > You misunderstand. My proposal, seemingly seconded by jtb, was to > allow the administrator to disallow the presence of non-printable ascii > characters in the environment or command line arguments at the time of > execve of certain processes. We still don't know if this will have any > effect on security though, since no-one has checked to see if its possible > to write shellcode using just printable ASCII. When I played with assembler under FreeBSD, I've created a version of such code. Basically it contains a little "decoder" which unpacks specially prepared shell code (I've solved almost the same problem programming self-unpacking UUENCODE files). Regards, V. -- Vadim Kolontsov Tver Internet Center NOC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980629185230.A16373>