From owner-freebsd-security Mon Jan 17 20:19:15 2000 Delivered-To: freebsd-security@freebsd.org Received: from vasquez.zip.com.au (vasquez.zip.com.au [203.12.97.41]) by hub.freebsd.org (Postfix) with ESMTP id B7B5014F64 for ; Mon, 17 Jan 2000 20:18:57 -0800 (PST) (envelope-from ncb@attrition.org) Received: from zipperii.zip.com.au (ncb@zipperii.zip.com.au [203.12.97.87]) by vasquez.zip.com.au (8.9.2/8.9.1) with ESMTP id PAA13589; Tue, 18 Jan 2000 15:17:19 +1100 (EST) Date: Tue, 18 Jan 2000 15:17:18 +1100 (EST) From: Nicholas Brawn X-Sender: ncb@zipperii.zip.com.au To: Omachonu Ogali Cc: Spidey , Alexander Langer , Jonathan Fortin , freebsd-security@FreeBSD.ORG Subject: Re: sh? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 17 Jan 2000, Omachonu Ogali wrote: > That was the purpose for the denying code, to try and stop the attack > before it goes through. For instance, 'named' shouldn't be executing sh, > so I would add 'named' to the file, see where I'm going? > > Omachonu Ogali > Intranova Networking Group > I thought of doing something similar to this in the kernel last year. On execve(), check the calling process name/etc and compare to a database for acceptable calling processes. Ie, disallow the calling of execve() from certain network services. The difficulty would be in making a suitable interface for such a modification. I also think there must be more elegant ways of accomplishing the same thing, such as what Robert Watson has been discussing in his recent posts. Cheers, Nick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message