Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

Paul Rusty Russell (Paul.Russell@rustcorp.com.au)
Thu, 06 Aug 1998 10:27:36 +0930


In message <Pine.LNX.3.96.980805124351.16094B-100000@chiara.csoma.elte.hu> you
write:
>
> another version of the patch uses /dev/random to add a random 'jitter' to
> mmap addresses. You'd have to overflow many thousands of times before you
> are lucky enough to catch the right address. (and all those failed
> overflows are logged and alert the sysadmin or clobberd). You can even add
> a policy to disable a given setuid root binary for a given user once a
> suspicious segmentation fault was detected. (thus the attacker has only
> one try)

Finally we're down to provable security: if there's a 10-bit address
jitter, and we remove the execute perms from files that trigger the
stack overflow, then you're 99.9% secure from compromise. [Downgraded
to a DoS attack, which they can achieve anyway.]

Also, not just setuid; at least anything running as root.

I want this; where is the /dev/random stack-protect patch?
Rusty.

--
 .sig lost in the mail.
