NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: systrace replacement

Am 19.03.2009 um 19:41 schrieb Thor Lancelot Simon:

I'm not sure what you're getting at here. Systrace runs in the kernel. Bugs in systrace can unquestionably give processes root priveleges when
they should not have them.

That would mean that there is a buffer overflow somewhere in the kernel where you can inject code. AFAIK, the security problem was not a buffer overflow in systrace, but that under certain circumstances it was possible to break out of the systrace using timing attacks and subprocesses. As I'm not running it as root, there's no way to get root that way.

I'm not sure what you mean here, but I cannot see how it matters. The code
had a severe design problem with both system stability and security
implications, nobody was willing to fix it, and the code was removed. If you want it put back, you probably need to fix it first, at the very least.

It worked just fine if you had it running as user. The problem you mentioned before doesn't apply to a systrace running as a user (if you got access to the user who's running systrace, why would you even bother to exploit systrace then? You're in already!), so it _WAS_ useful.


Attachment: PGP.sig
Description: Signierter Teil der Nachricht

Home | Main Index | Thread Index | Old Index