Re: Unexecutable Stack / Buffer Overflow Exploits...

Khimenko Victor (khim@sch57.msk.ru)
Wed, 29 Dec 1999 20:38:42 +0300 (MSK)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Q: "2.3.35 compile warnings."
Previous message: Rik van Riel: "Re: mmap bug in 2.2.13 (or in documentation)"
Maybe in reply to: Robert Dinse: "Unexecutable Stack / Buffer Overflow Exploits..."

In <m123LyJ-000OVtC@amadeus.home.nl> Arjan van de Ven (arjan@fenrus.demon.nl) wrote:
> In article <Pine.SUN.3.96.991229052840.376X-100000@invisible.eskimo.com> you wrote:
>>> > suffice to raise major havoc. Besides if they can get a shell as ANY UID
>>> > that gives them an inside base from which to advance their attack.

> I would like to see an option that does the folowing:

> 1) Let "normal user" programs bind to ports < 1024
> ONLY IF
> 2) that program was given this "capability" by root, for example
> by means of an file-system flag.

> This allows a lot of, currently, SUID-programs to run as non-root all the
> way, and thus, when used properly, enhances security of networked systems.

It's long story. You can do it NOW (more or less). Capabilities like this
are in kernel. So what you should do is just adding fie lines to the very
start of main() -- drop all capabilities there except of capability to bind
to ports < 1024 ... Where to store such capability in filesystem was discussed
year ago and no consensus was gotten :-((

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Q: "2.3.35 compile warnings."
Previous message: Rik van Riel: "Re: mmap bug in 2.2.13 (or in documentation)"
Maybe in reply to: Robert Dinse: "Unexecutable Stack / Buffer Overflow Exploits..."