Bugtraq mailing list archives

Re: Wiping out setuid programs


From: neale () LOWENDALE COM AU (Neale Banks)
Date: Mon, 11 Jan 1999 23:19:30 +1100


On Sat, 9 Jan 1999, D. J. Bernstein wrote:

[big snip]
> My favorite workaround is to make the binary unreadable; I haven't found
> any vendors silly enough to allow tracing here. Note that this prohibits
> root-squashed NFS mounting for root-owned binaries.

You are proposing that some significant security is obtained by making an
executable file unreadable?

I thought this one was laid to rest last year in the "Dump a mode
--x--x--x binary on Linux 2.0.x" thread, wherein Martin Mares summarised:

> Semantics of unreadable files is well-defined at file level (i.e.,
> it's defined you cannot read() them), but not at any other level. No
> standard guarantees you that contents of such binaries are not
> accessible in any other way

Regards,
Neale.
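
Added example, not part of the original message or of either poster's code: an inventory of set-id binaries under a directory tree that marks the ones other users can execute but not read, which are the files whose contents are hidden only by the file-level read() check discussed in the thread. The names `classify` and `audit` and the default path `/usr/bin` are assumptions made for this sketch.

```python
import os
import stat
import sys


def classify(mode):
    """Classify a file mode; return None unless it is a set-id regular file."""
    if not stat.S_ISREG(mode) or not mode & (stat.S_ISUID | stat.S_ISGID):
        return None
    if mode & stat.S_IROTH:
        return "readable"        # other users can read() the file directly
    if mode & stat.S_IXOTH:
        return "execute-only"    # runnable by others; only read() is refused
    return "restricted"          # other users can neither run nor read it


def audit(root):
    """Return (path, mode string, finding) for each set-id file under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode   # lstat: do not follow symlinks
            except OSError:
                continue                        # vanished or not accessible
            finding = classify(mode)
            if finding is not None:
                findings.append((path, stat.filemode(mode), finding))
    return findings


if __name__ == "__main__":
    # The directory to scan is an assumption; pass another as the first argument.
    for path, mode_str, finding in audit(sys.argv[1] if len(sys.argv) > 1 else "/usr/bin"):
        print(f"{mode_str}  {finding:<12}  {path}")
```

Files reported as `execute-only` are the ones to review if the permission bits are the only thing keeping their contents private.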


