On Thu, Aug 21, 2003 at 12:39:00AM -0700, Kris Kennaway wrote: +> > It does something similar, but uses a C-like language to control a +> > processes actions. This lets you get extremely fine-grained control +> > (allow httpd to bind to only port 80, once), but the rules run as +> > "root", so they can grant as well as revoke privileges. A useful +> > modification would be to allow users to submit their own policies that +> > can only disallow actions (i.e. all arguments and process variables are +> > read-only, and the script can either pass the syscall through or return +> > a failure code, nothing else). +> +> Exercise for the reader: find a situation where the failure to perform +> a syscall that normally succeeds, leads to privilege escalation :-)
The answer is: Every network daemon. If you could compromise it, you get local access. -- Pawel Jakub Dawidek [EMAIL PROTECTED] UNIX Systems Programmer/Administrator http://garage.freebsd.pl Am I Evil? Yes, I Am! http://cerber.sourceforge.net
pgp00000.pgp
Description: PGP signature
