Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 29 Jun 1998 18:52:30 +0400
From:      Vadim Kolontsov <vadim@tversu.ru>
To:        security@FreeBSD.ORG
Subject:   Re: non-executable stack?
Message-ID:  <19980629185230.A16373@tversu.ru>
In-Reply-To: <E0yprtC-0006B4-00@oak67.doc.ic.ac.uk>; from Niall Smart on Sat, Jun 27, 1998 at 11:07:22AM %2B0100
References:  <pfm@slack.net> <E0yprtC-0006B4-00@oak67.doc.ic.ac.uk>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jun 27, 1998 at 11:07:22AM +0100, Niall Smart wrote:

> You misunderstand.  My proposal, seemingly seconded by jtb, was to
> allow the administrator to disallow the presence of non-printable ascii
> characters in the environment or command line arguments at the time of
> execve of certain processes.  We still don't know if this will have any
> effect on security though, since no-one has checked to see if its possible
> to write shellcode using just printable ASCII. 

  When I played with assembler under FreeBSD, I've created a version of such
code. Basically it contains a little "decoder" which unpacks specially
prepared shell code (I've solved almost the same problem programming
self-unpacking UUENCODE files).

Regards,
V.
-- 
Vadim Kolontsov
Tver Internet Center NOC

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980629185230.A16373>