Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: EMERGENCY: new remote root exploit in UW imapd

From: angio () AROS NET (Dave Andersen)
Date: Tue, 21 Jul 1998 14:14:30 -0600

Lo and behold, Allanah Myles once said:


The traditional argument is that "with the way things
currently are, it may be nearly impossible to redesign
services to not require privilages."  Well, then, if
you want a secure system, be prepared to build one---from
scratch, if need be.  Perhaps even the existing notion of
UNIX-based privilages is insufficient for any real
security - design a better model, and implement it.


   Other people have argued this point far better than I'm willing to in
a short mail message, so I'll just point out a pretty good reference.
This is mostly in the arena of research, not available products, so if
you're looking for a quick fix, hit "delete" now. :)

TIS (now "TIS labs at Network Associates" if we want to be formal. :-)
has a great paper entitled "Confining Root Programs with Domain Type
Enforcement".  One major premise of the paper is that your root programs
are likely to experience problems and compromises, so the best way to get
around that is by reducing the spread of what those "root" programs can
do.  Similar arguments have been made for years on the least priviledge
front, so I'll leave that side of things alone.

  http://www.tis.com/research/secure/compsys.html

   -Dave

--
angio () aros net        <-- play
danderse () cs utah edu  <-- work
Previous By Date Next
Previous By Thread Next

Current thread: