From: Vadim Kolontsov
To: security@FreeBSD.ORG
Date: Mon, 29 Jun 1998 18:52:30 +0400
Subject: Re: non-executable stack?
Message-ID: <19980629185230.A16373@tversu.ru>

On Sat, Jun 27, 1998 at 11:07:22AM +0100, Niall Smart wrote:

> You misunderstand. My proposal, seemingly seconded by jtb, was to
> allow the administrator to disallow the presence of non-printable ascii
> characters in the environment or command line arguments at the time of
> execve of certain processes. We still don't know if this will have any
> effect on security though, since no-one has checked to see if it's possible
> to write shellcode using just printable ASCII.

When I played with assembler under FreeBSD, I created a version of such
code. Basically it contains a little "decoder" which unpacks specially
prepared shell code (I've solved almost the same problem programming
self-unpacking UUENCODE files).

Regards, V.
--
Vadim Kolontsov
Tver Internet Center NOC
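The execve-time check proposed in the quoted text, written out as an added C example that is not part of the original message or of FreeBSD. It also shows that a uuencode-style encoding of arbitrary bytes passes the check, so the check constrains how an argument is represented, not what it decodes to. The function names (`is_printable_ascii`, `execve_policy`, `uu_encode`) and the sample bytes are assumptions constructed for illustration.

```c
#include <stdio.h>

/* Hypothetical policy helper: 1 if every byte of s is printable ASCII (0x20..0x7e). */
int is_printable_ascii(const char *s) {
    for (const unsigned char *p = (const unsigned char *)s; *p; p++)
        if (*p < 0x20 || *p > 0x7e) return 0;
    return 1;
}

/* Hypothetical execve-time decision over NULL-terminated argv/envp: 0 = allow, -1 = deny. */
int execve_policy(char *const argv[], char *const envp[]) {
    for (size_t i = 0; argv[i] != NULL; i++)
        if (!is_printable_ascii(argv[i]))
            return -1;
    for (size_t i = 0; envp[i] != NULL; i++)
        if (!is_printable_ascii(envp[i]))
            return -1;
    return 0;
}

/* uuencode-style body encoding: each 3 input bytes become 4 characters in
 * 0x20..0x5f. out must hold 4 * ceil(n / 3) + 1 bytes. Returns the length written. */
size_t uu_encode(const unsigned char *in, size_t n, char *out) {
    size_t o = 0;
    for (size_t i = 0; i < n; i += 3) {
        unsigned b0 = in[i];
        unsigned b1 = (i + 1 < n) ? in[i + 1] : 0;
        unsigned b2 = (i + 2 < n) ? in[i + 2] : 0;
        out[o++] = (char)(0x20 + (b0 >> 2));
        out[o++] = (char)(0x20 + (((b0 & 0x03) << 4) | (b1 >> 4)));
        out[o++] = (char)(0x20 + (((b1 & 0x0f) << 2) | (b2 >> 6)));
        out[o++] = (char)(0x20 + (b2 & 0x3f));
    }
    out[o] = '\0';
    return o;
}

int main(void) {
    /* Constructed sample: arbitrary non-printable bytes, not machine code. */
    static char raw[] = { (char)0x90, (char)0xff, 0x01, (char)0x80, 0x7f, 0x0a, 0 };
    char enc[16];
    uu_encode((const unsigned char *)raw, 6, enc);
    char *envp[] = { "HOME=/root", NULL };
    char *argv_raw[] = { "prog", raw, NULL };
    char *argv_enc[] = { "prog", enc, NULL };
    printf("raw argument:     %s\n", execve_policy(argv_raw, envp) ? "deny" : "allow");
    printf("encoded argument: %s\n", execve_policy(argv_enc, envp) ? "deny" : "allow");
    return 0;
}
```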