Subject: Re: verified executable kernel modification committed
To: None <firstname.lastname@example.org, email@example.com>
From: Roland Dowdeswell <firstname.lastname@example.org>
Date: 10/31/2002 17:15:00
On 1036082606 seconds since the Beginning of the UNIX epoch
Greg A. Woods wrote:
>[ On Thursday, October 31, 2002 at 00:58:23 (-0500), Roland Dowdeswell wrote:
>> Subject: Re: verified executable kernel modification committed
>> Only if you hack your kernel to not execute files which do not have
>> the schg flag set. Otherwise, what's to stop you from executing
>> other files?
>Such hacks may not strictly be necessary. In many cases through careful
>control of the PATH setting and use of the 'schg' flag on all
>directories in any PATH directory some assurance can be had that only
>known pre-verified binaries are available to be run.
You can always provide absolute paths for executables to run. What
I was suggested was not that someone can inject a binary into your
path, but rather execute non-trusted code from an arbitrary location.
I do not see how the setting of PATH would affect:
>This doesn't stop arbitrary scripts from being run, but at least with
>the basic POSIX scripting tool, /bin/sh, there's not a whole lot of
>difference in the functional effects between a script and an iteration
>of a bunch of commands with carefully controlled parameters, i.e.
>scripts don't really let you do anything you can't already do by rote,
>given a certain set of available underlying programs.
With the code that Brett has provided, you can provide interpretters on
the system which cannot be used in such a way, though.
Roland Dowdeswell http://www.Imrryr.ORG/~elric/