-----Original Message-----
From: Martijn Kruithof <[EMAIL PROTECTED]>
To: Daran <[EMAIL PROTECTED]>; [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: 12 March 2001 00:45
Subject: RE: Mersenne: Security of prime95 + electricity costs.
>I have verified the possibility of a buffer overflow exploit in primenet.c
I downloaded the source code today, but didn't know in which file to look.
Thanks for the pointer.
>(used in linuxs mprime)
>It seems NOT vurneralbe (so it seems safe to me)
>NO buffer overflow is likely to occur.
I agree, although coming 'cold' to the source code I can't be 100% certain I
understand what it's doing.
Nevertheless, I'd prefer to see the buffer length #defined, rather than those
'1000's and '999's lying around. If that value were ever to be changed, then
it would only take one missed instance of the value to create a vulnerability.
A unnoticed fingerslip which added an extra digit would have the same effect.
>Notwithstanding I am running mprime as user mersenne with virtually no
>rights
>and no shell.
Every program has at least one right that an attacker doesn't:- the right to
run on your computer. From there, a subverted program could spawn it's own
shell if necessary, or any other program in /bin, /usr/bin, etc. Even if
there are no other security holes, you should at least deny all world access
to the home directory areas. Even more paranoid (I am, as you've probably
noticed. :-) ) would be to run mprime as user:group mersenne:mersenne,
create a new group 'local', chown the */bin directories to this group and deny
all world access to them. That might break some of the daemons, but you
should be able to fix them on a case by case basis by making them group
'local'. (You'd also have to give all your users local group membership.) I
haven't tried this, but as I can't talk to the Internet from Linux, that
doesn't matter so much. When I get my new box with a real modem I will try it
out.
Regards
Daran G.
_________________________________________________________________________
Unsubscribe & list info -- http://www.scruz.net/~luke/signup.htm
Mersenne Prime FAQ -- http://www.tasam.com/~lrwiman/FAQ-mers
