Date: Wed, 16 Dec 1998 02:33:50 +0100 (CET) From: Oliver Fromme <olli@dorifer.heim3.tu-clausthal.de> To: freebsd-current@FreeBSD.ORG Subject: Re: modification to exec in the kernel? Message-ID: <199812160133.CAA09939@dorifer.heim3.tu-clausthal.de>
next in thread | raw e-mail | index | archive | help
Joe Abley wrote in list.freebsd-current: > On Tue, Dec 15, 1998 at 08:44:16AM +0200, Mark Murray wrote: > > Your security model is flawed. A user can do anything she wants > > (justabout) with shellscript and perl. Picking on compiled binaries > > is not going to make you that much safer. > > "Just about" - so there are _some_ exploits that would require a user-supplied > binary? So preventing execution of user-supplied binaries does give _some_ > safety benefit? > > I take your point, though - I was forgetting how much feature bloat there > is in perl. In fact, you can execute arbitrary byte code in perl5. #!/usr/local/bin/perl require DynaLoader; DynaLoader::dl_install_xsub("main::hangme", unpack("I", pack("P4", "\xF0\x0F\xC7\xC8"))); hangme(); In case you haven't recognized it, that beast is equivalent with the following C "program": unsigned char main[4] = {0xF0, 0x0F, 0xC7, 0xC8}; > Why people can't just make do with awk is a little beyond me :) Me too. :) Quite a lot of my scripts begin with #!/usr/bin/awk -f :) Regards Oliver -- Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany (Info: finger userinfo:olli@dorifer.heim3.tu-clausthal.de) "In jedem Stück Kohle wartet ein Diamant auf seine Geburt" (Terry Pratchett) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812160133.CAA09939>