NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: systrace replacement
In article <A1CC32CB-3DAE-4720-84BE-ECDCC7AD07C6%webkeks.org@localhost>,
Jonathan Schleifer <js-netbsd-users%webkeks.org@localhost> wrote:
>-=-=-=-=-=-
>
>http://www.provos.org/index.php?/categories/2-Systrace&/archives/33-Local-Privilege-Escalation.html
>
>It seems the issue with gaining root was fixed already. So please, why
>remove it if it works just fine if it's running as a non-root user? It
>was really, really useful.
>
>Additionally, there was a thread on the OpenBSD ML in the last days
>where systrace was recommended to someone. I used this chance to ask
>if there were any fixes in OpenBSD that NetBSD is missing.
Because it provides a false sense of security like the apperture
driver for X. If a security measure can be circumvented it is not
very useful. In this case it is trivial to use a multi-threaded
program to exploit TOCTOU, and circumvent systrace. It is even
documented in the original systrace paper. Until someone makes
changes so that the system call arguments are saved in kernel space
first before systrace inspection as the paper suggests, it is not
very useful.
christos
Home |
Main Index |
Thread Index |
Old Index