Date: Mon, 24 Aug 1998 01:20:08 -0500 (EST) From: "John S. Dyson" <dyson@iquest.net> To: joelh@gnu.org Cc: imp@village.org, dkelly@hiwaay.net, rabtter@aye.net, hackers@FreeBSD.ORG Subject: Re: I want to break binary compatibility. Message-ID: <199808240620.BAA04415@dyson.iquest.net> In-Reply-To: <199808231301.IAA09038@detlev.UUCP> from Joel Ray Holveck at "Aug 23, 98 08:01:22 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Joel Ray Holveck said: > >>> I have a problem with some hackers that are obsessed with making my > >>> ISP's life miserable (they've already hacked our SGI). I've slapped > >>> together a FreeBSD box to throw their webpages on it, turned off all > >>> services except http. > >> While you are at it and breaking binary compatibility for security > >> reasons, make sure you remove stuff a webserver doesn't need such as > >> /usr/include, compilers, manpages, etc. Maybe PicoBSD would be the > >> place to start? > > You are better off NOT breaking binary compatibility to get what you > > want. You would be better served by porting StackGuard to FreeBSD, > > which would give you excellent protection against most stack > > overflows. > > I think the idea rabtter had in mind was to keep the intruders from > compiling (or cross-compiling) some random utility from rootshell.com > on another box and ftping it over. There are security holes other > than stack overflows, you know. > I posted this through another mechanism by mistake, and so I apologize if this message is a repeat for you: Try modifying your system so that one of the flags bits is required to run a program. It would the require both the flags bit and the executable bit. Make sure the system cannot allow anyone but root set the chosen flags bit. Maybe you could use the immutable flag, for this so that you get theoretical immutability along with the ability to run code. You might want to relax the restriction for root, but maybe not (depending on how your admin scheme is setup.) In this way, you would not need to change binary compatibility, but programs will simply not run, unless the user figures out a way to set the flags bit. Hopefully, you will have made sure that the kernel API doesn't allow setting that bit by non-root. -- John | Never try to teach a pig to sing, dyson@iquest.net | it makes one look stupid jdyson@nc.com | and it irritates the pig. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808240620.BAA04415>