Date: Thu, 24 Dec 1998 16:32:24 -0500 (EST) From: Barrett Richardson <brich@aye.net> To: Casper <casper@acc.am> Cc: "freebsd-security@FreeBSD.ORG" <freebsd-security@FreeBSD.ORG> Subject: Re: Magic Message-ID: <Pine.BSF.3.96.981224161747.26595A-100000@phoenix.aye.net> In-Reply-To: <3682A65B.8CFB144F@acc.am>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 25 Dec 1998, Casper wrote: > Did anyone tried to cjange loader's MAGIK in the exec's header and recompile > system ... I think it'll disallow to upload some executable and run it on target > system ...... > So if you have recompiled system , chrooting all your network services - from > telnetd till httpd, ftpd & etc. , dont place compiler, mknod in chrooted dirs > and disallow reading of executable files ..only --x , how intruder can break > this protection ? > Of course i assume that system configured properly ...... > I used a different means to the same end. I used a flag bit that can only be set by root and require it to be set in imgact_aout.c, imgact_elf.c and imgact_gzip.c for non root users. Wrote a util to set the flag on files in /bin, /sbin, /usr/{bin,sbin}, /usr/libexec, /usr/local/{bin,sbin}. Used the same return code for a bad magic number. Whenever you try to execute a binary that doesn't have the flag set it spits out "cannot execute binary file". A user can even copy a system binary to his directory, and the copy won't run -- and only root can set the flag to make it run. Got the idea from John Dyson. I have been thinking of incorporating the behaviour into one of the securelevels on my system. - Barrett > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.981224161747.26595A-100000>