Bugtraq mailing list archives

Re: [ADVISORY] 4.4BSD Securelevels

From: tqbf () ENTERACT COM (Thomas H. Ptacek)
Date: Wed, 25 Jun 1997 18:10:40 -0500

to point out that this change is insufficient, in that it does not
protect writes to the init process's registers.  This is rather easy


Mr. Hannum, after reading your code, I cannot see how this is the case.

Our patch disallows any write access to any procfs file associated with
PID 1 in securelevels above 0. Your patch disallows write access
specifically to regs, floating point regs, and memory - nothing else.

Could you be more specific as to (exactly) how our patch is inadequate?

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf () enteract com]
----------------
"If you're so special, why aren't you dead?"

Current thread:

Re: [ADVISORY] 4.4BSD Securelevels Charles M. Hannum (Jun 25)
- Re: [ADVISORY] 4.4BSD Securelevels Thomas H. Ptacek (Jun 25)
- Solaris Ping bug (DoS) Adam Caldwell (Jun 25)
  - Re: Solaris Ping bug (DoS) Gnuchev Fedor (Jun 26)
  - Re: Solaris Ping bug (DoS) just me. (Jun 26)
  - Re: Solaris Ping bug (DoS) Francesco Messineo (Jun 26)
  - 'sec-fix' for NT 3.51 Aleph One (Jun 26)
  - Problem in dxterm (ULTRIX) Trevor Schroeder (Jun 26)
  - Re: Solaris Ping bug (DoS) Philip Kizer (Jun 26)
    - Solaris Ping bug(inetsvc) Renteria Tabares J. (Jun 27)
    - Announce: ypcat for Win NT/95 Aaron Spangler (Jun 27)
  - Re: Solaris Ping bug (DoS) Geoff Mulligan (Jun 27)

(Thread continues...)