The first patch (sh-log.patch) didn't offer denying features, I then wrote
a second one that did. My main focus was on BIND, I haven't seen someone
yet who has smashed the stack and changed argv, and secondly, it reads
the process name from the /proc filesystem, so if you do change the
program name on the stack, the original still exists...
Intranova Networking Group
On Tue, 18 Jan 2000, Sheldon Hearn wrote:

> On Mon, 17 Jan 2000 21:04:07 EST, Omachonu Ogali wrote:
>
> When you first posted, you neglected to mention that your patch included
> a deny list (/etc/sh.deny). This puts a different spin on things. :-)
>
> While it sounds attractive on the surface, think how easy it is to work
> around -- the exploit code must simply change its progname to something
> which will never be in /etc/sh.deny (e.g. login).
>
> So your patch scores something useful for a week, whereafter the script
> kiddies catch up and we're back to square one. :-)
>
> No, if this is to be done, it's with per-process credentials. Someone
> is already working on such a system for FreeBSD. Since you seem
> interested in helping out with the process of hardening FreeBSD, I urge
> you to contact Robert Watson, who's spearheading the current hardening
> You can reach him at Robert Watson <robert+free...@cyrus.watson.org>.
>
> Thanks for your interest in a more secure FreeBSD. :-)
To Unsubscribe: send mail to majo...@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
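The two positions in the thread (a deny list keyed on the program name is trivially bypassed by changing progname; the name recorded by the kernel under /proc survives that change) can be shown side by side. The script below is an added example written for this page, not code from the sh-log patch or from FreeBSD. It assumes a Linux-style procfs (`/proc/<pid>/cmdline` for the claimed argv[0], `/proc/<pid>/exe` for the path the kernel recorded at execve) and a constructed `/etc/sh.deny`-style file whose format (one name per line, `#` comments) is an assumption, since the thread does not show the real one. It starts a child whose argv[0] claims to be `login` while its real executable is the running Python interpreter, then applies the same deny list once by claimed name and once by kernel-recorded executable.

```python
"""Deny list keyed on claimed program name vs. on the kernel-recorded
executable. Added example for the sh.deny discussion; assumes Linux procfs."""
import os
import subprocess
import sys

# Constructed sample in the assumed format of /etc/sh.deny: program names
# that must never spawn a shell, one per line, '#' starts a comment.
SH_DENY_SAMPLE = """# daemons that have no business exec'ing /bin/sh
named
sendmail
ftpd
"""

# Code run in the child: print what argv[0] claims, then what the kernel
# recorded as the executable. Neither value is touched by the parent.
CHILD_CODE = (
    "import os\n"
    "argv0 = open('/proc/self/cmdline', 'rb').read().split(b'\\0')[0].decode()\n"
    "print(argv0)\n"
    "print(os.readlink('/proc/self/exe'))\n"
)


def parse_deny_list(text):
    """Return the set of denied program basenames from sh.deny-style text."""
    names = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            names.add(line)
    return names


def is_denied_by_name(progname, deny):
    """The check the thread describes: trust whatever the caller says its
    name is (argv[0] / setprogname) and look it up in the deny list."""
    return os.path.basename(progname) in deny


def kernel_exe_path(pid="self"):
    """Executable path recorded by the kernel at execve. A process cannot
    rewrite this by editing its own argv or stack. None if no procfs."""
    try:
        return os.readlink(f"/proc/{pid}/exe")
    except OSError:
        return None


def is_denied_by_exe(exe_path, deny):
    """Same deny list, but keyed on the kernel-recorded executable."""
    return exe_path is not None and os.path.basename(exe_path) in deny


def demo():
    """Spawn a child claiming argv[0] == 'login' but really running this
    interpreter, and evaluate both checks against a deny list that (for the
    demo) contains the interpreter's real basename. Returns a dict, or None
    where procfs is unavailable."""
    if kernel_exe_path() is None:
        return None
    real_name = os.path.basename(os.path.realpath(sys.executable))
    deny = parse_deny_list(SH_DENY_SAMPLE) | {real_name}  # constructed entry
    child = subprocess.run(
        ["login", "-c", CHILD_CODE],       # argv[0] is the spoofed 'login'
        executable=sys.executable,         # the binary actually executed
        capture_output=True, text=True, check=True,
    )
    claimed, real = child.stdout.splitlines()[:2]
    return {
        "claimed": claimed,                       # 'login'
        "real": real,                             # /path/to/python3.x
        "denied_by_name": is_denied_by_name(claimed, deny),  # False: bypassed
        "denied_by_exe": is_denied_by_exe(real, deny),       # True: still caught
    }


if __name__ == "__main__":
    result = demo()
    if result is None:
        print("no procfs here; only the pure deny-list checks can run")
    else:
        for key, value in result.items():
            print(f"{key:15s} {value}")
```

The dictionary returned by `demo()` is the whole argument in one place: `denied_by_name` is `False` because the child chose a name that is not on the list, while `denied_by_exe` is `True` because the kernel, not the process, recorded which binary was executed. Note that on Linux the process can still change its short name via `prctl(PR_SET_NAME)`, so `/proc/<pid>/comm` is not a safe key either; `/proc/<pid>/exe` is, but it identifies a binary rather than a principal, which is why Sheldon's suggestion of per-process credentials is the more general answer.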