funsec mailing list archives
Re: Ilfak's WMF patch
From: Valdis.Kletnieks () vt edu
Date: Sun, 01 Jan 2006 19:25:17 -0500
On Sun, 01 Jan 2006 16:44:53 CST, Matthew Murphy said:
The question we should all be asking is why a hole this obvious wasn't spotted. A graphics renderer that includes *BY-DESIGN* functionality to allow a graphics file to redirect execution control should've set off a few thousand red flags inside Microsoft. SWI auditing probably should've spotted this one.
<-- static int hat.tinfoil++; > You're assuming it wasn't spotted. More likely, it was spotted and well-known by people inside Microsoft, and existed specifically so that some Microsoft product didn't have to go through the effort of implementing their own callbacks in a security-sane way. I'll make the prediction that the Microsoft fix will include something of the form: if (current->program != "M$-Hosed") then close_hole(); (suitably obfuscated to delay the embarassment, of course). <-- hat.tinfoil--; >
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Ilfak's WMF patch Gadi Evron (Jan 01)
- RE: Ilfak's WMF patch Peter Kruse (Jan 01)
- RE: Ilfak's WMF patch Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jan 02)
- Re: Ilfak's WMF patch Pierre Vandevenne (Jan 01)
- RE: Ilfak's WMF patch Larry Seltzer (Jan 01)
- Re: Ilfak's WMF patch Matthew Murphy (Jan 01)
- Re: Ilfak's WMF patch Valdis . Kletnieks (Jan 01)
- Re: Ilfak's WMF patch Matthew Murphy (Jan 01)
- Re[2]: Ilfak's WMF patch Ilfak Guilfanov (Jan 01)
- Re: Ilfak's WMF patch Matthew Murphy (Jan 01)
- RE: Re[2]: Ilfak's WMF patch Larry Seltzer (Jan 02)
- Re[4]: Ilfak's WMF patch Ilfak Guilfanov (Jan 02)
- RE: Re[4]: Ilfak's WMF patch Richard M. Smith (Jan 02)
- Re[6]: Ilfak's WMF patch Ilfak Guilfanov (Jan 02)
- Re: Re[4]: Ilfak's WMF patch Valdis . Kletnieks (Jan 02)
- RE: Ilfak's WMF patch Larry Seltzer (Jan 01)
- RE: Ilfak's WMF patch Peter Kruse (Jan 01)
- Ilfak's WMF patch v. Microsoft's solution Richard M. Smith (Jan 01)
- Re: Ilfak's WMF patch v. Microsoft's solution Matthew Murphy (Jan 01)