Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 16 Dec 1998 02:33:50 +0100 (CET)
From:      Oliver Fromme <olli@dorifer.heim3.tu-clausthal.de>
To:        freebsd-current@FreeBSD.ORG
Subject:   Re: modification to exec in the kernel?
Message-ID:  <199812160133.CAA09939@dorifer.heim3.tu-clausthal.de>

next in thread | raw e-mail | index | archive | help
Joe Abley wrote in list.freebsd-current:
 > On Tue, Dec 15, 1998 at 08:44:16AM +0200, Mark Murray wrote:
 > > Your security model is flawed. A user can do anything she wants
 > > (justabout) with shellscript and perl. Picking on compiled binaries
 > > is not going to make you that much safer.
 > 
 > "Just about" - so there are _some_ exploits that would require a user-supplied
 > binary? So preventing execution of user-supplied binaries does give _some_
 > safety benefit?
 > 
 > I take your point, though - I was forgetting how much feature bloat there
 > is in perl.

In fact, you can execute arbitrary byte code in perl5.

#!/usr/local/bin/perl
require DynaLoader;
DynaLoader::dl_install_xsub("main::hangme",
        unpack("I", pack("P4", "\xF0\x0F\xC7\xC8")));
hangme();

In case you haven't recognized it, that beast is equivalent
with the following C "program":

unsigned char main[4] = {0xF0, 0x0F, 0xC7, 0xC8};


 > Why people can't just make do with awk is a little beyond me :)

Me too.  :)
Quite a lot of my scripts begin with #!/usr/bin/awk -f  :)

Regards
   Oliver

-- 
Oliver Fromme, Leibnizstr. 18/61, 38678 Clausthal, Germany
(Info: finger userinfo:olli@dorifer.heim3.tu-clausthal.de)

"In jedem Stück Kohle wartet ein Diamant auf seine Geburt"
                                         (Terry Pratchett)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812160133.CAA09939>