On Wed, 28 Mar 2001, Jesse Pollard wrote:
> Sure - very simple. If the execute bit is set on a file, don't allow
> ANY write to the file. This does modify the permission bits slightly
> but I don't think it is an unreasonable thing to have.
Oh, honestly! Think about what you are saying here:
Wha
Walter Hofmann <[EMAIL PROTECTED]>:
> On Wed, 28 Mar 2001, Jesse Pollard wrote:
[snip]
> > Now, if ELF were to be modified, I'd just add a segment checksum
> > for each segment, then put the checksum in the ELF header as well as
> > in the/a segment header just to make things harder. At exec time
On Wed, 28 Mar 2001, Jesse Pollard wrote:
> By itself it doesn't - but if you also don't have user/group/world rw and
> don't own the file, you can't do anything to it.
This is all completely useless. Why not remove world rw permissions in the
first place. If the admin isn't even able to write
Ben Ford wrote:
>
> There are two problems I see here. First, there are several known ways
> to elevate privileges.
Fixable, except from guessing the root password which is hard.
> If a virus can elevate privileges, then it owns
> you. Second, this is a multi-OS virus. If you dual-boot int
On Wed, 28 Mar 2001 [EMAIL PROTECTED] wrote:
> Jesse Pollard writes:
> > Absolutely true. The only help the checksumming etc stuff is good for is
> > detecting the fact afterward by external comparison.
>
> Don't we already have that to some extent? rpm -ya or rpm -y
> on a RedHat system? I'm
Simon Williams wrote:
> In message <[EMAIL PROTECTED]>, Olivier Galibert
> <[EMAIL PROTECTED]> writes
>
>> On Wed, Mar 28, 2001 at 03:04:46PM +0100, Simon Williams wrote:
>>
>>> I think their point was that a program could only change permissions
>>> of a file that was owned by the same owner.
On Wed, Mar 28, 2001 at 04:49:26PM +0100, Simon Williams wrote:
> What I meant was that if a file is owned by root with permissions of,
> say, 555 (r-xr-xr-x), not setuid or setgid, then another executable
> run as a non-root user cannot modify it or change the permissions to
> 7 (rwx).
It's alre
Shawn Starr <[EMAIL PROTECTED]> said:
> Well, why can't the ELF loader module/kernel detect or have some sort of
> restriction on modifying other/ELF binaries including itself from changing
> the Entry point?
Because there are quite valid reasons for "normal" programs (e.g., ld(1)
and other binar
On Wed, Mar 28, 2001 at 09:57:47AM -0500, Alexander Viro wrote:
>
> On Wed, 28 Mar 2001, Romano Giannetti wrote:
>
> > Now the binary can do much less harm than before, or am I missing something?
> > It have no access to real user data, but can use the system library and
> > services without cha
john slee <[EMAIL PROTECTED]> says:
>On Wed, Mar 28, 2001 at 03:10:08PM +0100, Sean Hunter wrote:
>> On Wed, Mar 28, 2001 at 06:08:15AM -0600, Jesse Pollard wrote:
>> > Sure - very simple. If the execute bit is set on a file, don't allow
>> > ANY write to the file. This does modify the permissio
Jesse Pollard writes:
> Absolutely true. The only help the checksumming etc stuff is good for is
> detecting the fact afterward by external comparison.
Don't we already have that to some extent? rpm -ya or rpm -y
on a RedHat system? I'm sure that there is a Debian equivalent.
--
Russell King
In message <[EMAIL PROTECTED]>, Olivier Galibert
<[EMAIL PROTECTED]> writes
>On Wed, Mar 28, 2001 at 03:04:46PM +0100, Simon Williams wrote:
>> I think their point was that a program could only change permissions
>> of a file that was owned by the same owner. If a file is owned by a
>> different
Russell King <[EMAIL PROTECTED]>
>
> On Wed, Mar 28, 2001 at 08:40:42AM -0600, Jesse Pollard wrote:
> > Now, if ELF were to be modified, I'd just add a segment checksum
> > for each segment, then put the checksum in the ELF header as well as
> > in the/a segment header just to make things harder.
Russell King <[EMAIL PROTECTED]>:
> On Wed, Mar 28, 2001 at 08:15:57AM -0600, Jesse Pollard wrote:
> > objcopy - copies object files. Object files are not marked executable...
>
> objcopy copies executable files as well - check the kernel makefiles
> for examples.
At the time it's copying, the i
Sean Hunter <[EMAIL PROTECTED]>:
> On Wed, Mar 28, 2001 at 06:08:15AM -0600, Jesse Pollard wrote:
> > Sure - very simple. If the execute bit is set on a file, don't allow
> > ANY write to the file. This does modify the permission bits slightly
> > but I don't think it is an unreasonable thing to h
[cc list trimmed]
On Wed, Mar 28, 2001 at 03:10:08PM +0100, Sean Hunter wrote:
> On Wed, Mar 28, 2001 at 06:08:15AM -0600, Jesse Pollard wrote:
> > Sure - very simple. If the execute bit is set on a file, don't allow
> > ANY write to the file. This does modify the permission bits slightly
> > but
On Wed, Mar 28, 2001 at 08:40:42AM -0600, Jesse Pollard wrote:
> Now, if ELF were to be modified, I'd just add a segment checksum
> for each segment, then put the checksum in the ELF header as well as
> in the/a segment header just to make things harder. At exec time a checksum
> verify could (exp
On Wed, Mar 28, 2001 at 03:04:46PM +0100, Simon Williams wrote:
> I think their point was that a program could only change permissions
> of a file that was owned by the same owner. If a file is owned by a
> different user & has no write permissions for any user, the program
> can't modify the fil
On Wed, Mar 28, 2001 at 04:32:44PM +0200, Romano Giannetti wrote:
> But with the new VFS semantics, wouldn't be possible for a MUA to make a
> thing like the following:
>
> spawn a process with a private namespace. Here a minimun subset of the
> "real" tree (maybe all / except /dev) is mounted r
On Wed, Mar 28, 2001 at 08:15:57AM -0600, Jesse Pollard wrote:
> objcopy - copies object files. Object files are not marked executable...
objcopy copies executable files as well - check the kernel makefiles
for examples.
--
Russell King ([EMAIL PROTECTED])The developer of ARM Lin
On Wed, 28 Mar 2001, Romano Giannetti wrote:
> Now the binary can do much less harm than before, or am I missing something?
> It have no access to real user data, but can use the system library and
> services without changing anything in the system.
You mean, like mailbombing the living hell
- Received message begins Here -
>
> On Wed, Mar 28, 2001 at 06:08:15AM -0600, Jesse Pollard wrote:
> > Sure - very simple. If the execute bit is set on a file, don't allow
> > ANY write to the file. This does modify the permission bits slightly
> > but I don't think it is an u
>
>
>
> On Wed, 28 Mar 2001, Jesse Pollard wrote:
>
> > >Any idea?
> >
> > Sure - very simple. If the execute bit is set on a file, don't allow
> > ANY write to the file. This does modify the permission bits slightly
> > but I don't think it is an unreasonable thing to have.
>
> And how exac
Notice: this is my first post to l-k since some bug report as old as 0.99...
so please be kind, don't beat me to hard.
On Wed, Mar 28, 2001 at 08:25:46AM -0500, Alexander Viro wrote:
> If you run untrusted binaries - you are screwed. If you run
> them as root - all users on your system are sc
Keith Owens <[EMAIL PROTECTED]>
>
> On Wed, 28 Mar 2001 06:08:15 -0600,
> Jesse Pollard <[EMAIL PROTECTED]> wrote:
> >Sure - very simple. If the execute bit is set on a file, don't allow
> >ANY write to the file. This does modify the permission bits slightly
> >but I don't think it is an unreaso
On Wed, Mar 28, 2001 at 06:08:15AM -0600, Jesse Pollard wrote:
> Sure - very simple. If the execute bit is set on a file, don't allow
> ANY write to the file. This does modify the permission bits slightly
> but I don't think it is an unreasonable thing to have.
>
Are we not then in the somewhat
In message , Walter
Hofmann <[EMAIL PROTECTED]> writes
>
>
>On Wed, 28 Mar 2001, Jesse Pollard wrote:
>
>> >Any idea?
>>
>> Sure - very simple. If the execute bit is set on a file, don't allow
>> ANY write to the file. This does modify the permiss
Jesse Pollard wrote:
> On Wed, 28 Mar 2001, Shawn Starr wrote:
>
>> Well, why can't the ELF loader module/kernel detect or have some sort of
>> restriction on modifying other/ELF binaries including itself from changing
>> the Entry point?
>>
>> There has to be a way stop this. WHY would anyone
On Wed, 28 Mar 2001, Shawn Starr wrote:
>
> http://news.cnet.com/news/0-1003-200-5329436.html?tag=lh
>
> Isn't it time to change the ELF format to stop this crap?
If you run untrusted binaries - you are screwed. If you run
them as root - all users on your system are screwed. If your MUA
(
On Wed, Mar 28, 2001 at 06:08:15AM -0600, Jesse Pollard wrote:
> Sure - very simple. If the execute bit is set on a file, don't allow
> ANY write to the file. This does modify the permission bits slightly
> but I don't think it is an unreasonable thing to have.
Even easier method - remove the wri
On Wed, 28 Mar 2001, Jesse Pollard wrote:
> >Any idea?
>
> Sure - very simple. If the execute bit is set on a file, don't allow
> ANY write to the file. This does modify the permission bits slightly
> but I don't think it is an unreasonable thing to have.
And how exactly does this help?
fchm
On Wed, 28 Mar 2001 06:08:15 -0600,
Jesse Pollard <[EMAIL PROTECTED]> wrote:
>Sure - very simple. If the execute bit is set on a file, don't allow
>ANY write to the file. This does modify the permission bits slightly
>but I don't think it is an unreasonable thing to have.
man strip
man objcopy
m
:16:02 -0500 (EST)
>> > From: Shawn Starr <[EMAIL PROTECTED]>
>> > To:<[EMAIL PROTECTED]>
>> > Subject: Disturbing news..
>> >
>> > http://news.cnet.com/news/0-1003-200-5329436.html?tag=lh
>> > Isn't it time to ch
Shawn Starr wrote:
>
> http://news.cnet.com/news/0-1003-200-5329436.html?tag=lh
>
> Isn't it time to change the ELF format to stop this crap?
>
Nothing to worry about.
A sane distribution have all executables installed read-only
and owned by root or some non-user.
Email appliacations and fil
01:16:02 -0500 (EST)
> > From: Shawn Starr <[EMAIL PROTECTED]>
> > To: <[EMAIL PROTECTED]>
> > Subject: Disturbing news..
> >
> > http://news.cnet.com/news/0-1003-200-5329436.html?tag=lh
> > Isn't it time to change the ELF format to stop this crap
On Wed, Mar 28, 2001 at 01:16:02AM -0500, Shawn Starr wrote:
> Date: Wed, 28 Mar 2001 01:16:02 -0500 (EST)
> From: Shawn Starr <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Subject: Disturbing news..
>
> http://news.cnet.com/news/0-1003-200-5329436.html?tag=lh
Why not make a new file permission?
to deny a ELF binary the ability to modify the ELF entry point?
like +p if the file had +p (by default) the kernel would deny the ELF
binary the ability to modify files.
Shawn.
On Wed, 28 Mar 2001, Shawn Starr wrote:
>
> http://news.cnet.com/news/0-1003-20
http://news.cnet.com/news/0-1003-200-5329436.html?tag=lh
Isn't it time to change the ELF format to stop this crap?
Shawn.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majo
38 matches
Mail list logo