Penetration Testing mailing list archives
Subverting eTrust Access Control on UNIX (file execution)
From: RexRufi <rexrufi () gmail com>
Date: Sun, 7 Dec 2008 18:42:03 -0500
One of my clients is using CA Access Control (formerly eTrust Access Control) to restrict execution of certain binaries to specifically authorized users. Does anyone know how eTrust determines matches for purposes of restricting access, i.e. is it simply path/file name or is there a hash used? As an authorized unprivileged user, I picture subverting this by simply uploading my own version of these binaries, if needed. If eTrust is using a hash, I'll need to modify these so that they no longer match. Any ideas? There is not much detailed eTrust documentation out there in the public domain. Thanks for your insight, Rex ------------------------------------------------------------------------ This list is sponsored by: Cenzic Security Trends Report from Cenzic Stay Ahead of the Hacker Curve! Get the latest Q2 2008 Trends Report now www.cenzic.com/landing/trends-report ------------------------------------------------------------------------
Current thread:
- Subverting eTrust Access Control on UNIX (file execution) RexRufi (Dec 07)
- Re: Subverting eTrust Access Control on UNIX (file execution) Tim Brown (Dec 08)
- Re: Subverting eTrust Access Control on UNIX (file execution) arvind doraiswamy (Dec 10)
- Re: Subverting eTrust Access Control on UNIX (file execution) Tim Brown (Dec 10)
- Re: Subverting eTrust Access Control on UNIX (file execution) arvind doraiswamy (Dec 10)
- Re: Subverting eTrust Access Control on UNIX (file execution) Tim Brown (Dec 08)