On Wed, Jan 22, 2003 at 04:17:29PM -0500, Jay Oliveri wrote:
> An article was posted to BugTraq by makers of software funded by the RIAA to
> enable an eventual distributed denial of service attack on "infected" p2p
> network nodes (their words). Freenet isn't specifically mentioned, but I
> th
bdonlan:
> How can it determine that?
That's what needs to be figured out, obviously - some relatively
generic scheme for "registering privileged code at initialization"
and "calling privileged code." I don't claim to be qualified to
design it.
On Friday 14 February 2003 06:37 pm, Mark J Roberts wrote:
> bdonlan:
> > I don't understand. Anyway, why not fork() and restrict the child?
>
> That is hardly easy or efficient.
>
> My point is that I've got this notion of being able to use some
> cap
bdonlan:
> I don't understand. Anyway, why not fork() and restrict the child?
That is hardly easy or efficient.
My point is that I've got this notion of being able to use some
capability only by calling a predefined function (ie, the one I
posted that accepts user input from the terminal), but I
On Friday 14 February 2003 06:12 pm, Mark J Roberts wrote:
> bdonlan:
> > How do you propose isolating the functions and relocating them using
> > current compilers? Getting them to call library function'd be
> > difficult...
>
> Oh, I have no clue.
>
bdonlan:
> How do you propose isolating the functions and relocating them using current
> compilers? Getting them to call library function'd be difficult...
Oh, I have no clue.
I'm thinking about how the kernel can generically enable the
"predefined interface" thing...
On Thursday 13 February 2003 08:11 pm, Mark J Roberts wrote:
> bdonlan:
> > Use an interpreted language. They'll prevent buffer overflows and you can
> > unimplement unallowed functions.
>
> Buffer overflows are the worst offender, but there are plenty
bdonlan:
> Use an interpreted language. They'll prevent buffer overflows and you can
> unimplement unallowed functions.
Buffer overflows are the worst offender, but there are plenty of
other ways that programs can be tricked into doing things they never
should be doing. Ruling out those possibili
On Thursday 13 February 2003 07:24 pm, Mark J Roberts wrote:
> bdonlan:
> > And let it at the kernel stack? _BAD_ idea. It can still use
> > printf/scanf to sniff your password anyway.
>
> No, it can't, because it will only prompt for input through you
bdonlan:
> And let it at the kernel stack? _BAD_ idea. It can still use
> printf/scanf to sniff your password anyway.
No, it can't, because it will only prompt for input through your
uploaded interface function. There are innumerable other cases where
security is greatly enhanced by ensuring that
On Wednesday 12 February 2003 09:29 pm, Mark J Roberts wrote:
> bdonlan:
[snip]
> With code uploading, you could make _sure_ that the terminal would
> only be capable of outputting questions and reading answers in the
> style you want.
>
> void promp
Jay Oliveri:
> I don't know what to really think, since conveniently most of
> their evidence is under NDA.
Devising access control and permissions schemes to limit the
capabilities of code processing malicious data is a tricky business.
The question that needs to be constantly asked is, "Exactly
bdonlan:
> (4) load plugins
> (5) Access the RTC
> (6) Get access to raw video RAM...
> Shall I go on? :)
So? Yes, acquire those capabilities at initialization time, even
ones you may not necessarily use. But drop those that you _know_ you
won't need.
And if, say, you have some circumstance where
On Wed, Feb 12, 2003 at 06:52:41PM -0500, bdonlan wrote:
> On Wednesday 12 February 2003 06:38 pm, Mark J Roberts wrote:
> > Jay Oliveri:
> > > I don't know what to really think, since conveniently most of
> > > their evidence is under NDA.
> >
>
On Wednesday 12 February 2003 06:38 pm, Mark J Roberts wrote:
> Jay Oliveri:
> > I don't know what to really think, since conveniently most of
> > their evidence is under NDA.
>
> Devising access control and permissions schemes to limit the
> capabilit
An article was posted to BugTraq by makers of software funded by the RIAA to
enable an eventual distributed denial of service attack on "infected" p2p
network nodes (their words). Freenet isn't specifically mentioned, but I
thought perhaps it's at least worth forwarding the link:
http://online