Secure Coding mailing list archives
Re: (Shellcode Injection)
From: "Louis Solomon [SteelBytes]" <louis () steelbytes com>
Date: Mon, 15 Dec 2003 11:15:26 +0000
The malicous code often spawns a shell,External to the defective program, that could be avoided by running the program in a process with insufficient quota to spawn a subprocess (on operating systems that support such).
one can't always limit to that degree, as sometimes the program being hacked has legitimate reasons for that much privilidge. Louis Solomon www.steelbytes.com
Current thread:
- [SC-L] Jeffrey W. Baker (Dec 12)
- Re: [SC-L] Crispin Cowan (Dec 12)
- Re: (Shellcode Injection) ljknews (Dec 13)
- Re: (Shellcode Injection) Crispin Cowan (Dec 13)
- Re: (Shellcode Injection) ljknews (Dec 14)
- Re: (Shellcode Injection) Crispin Cowan (Dec 14)
- Re: (Shellcode Injection) ljknews (Dec 15)
- Re: (Shellcode Injection) Crispin Cowan (Dec 15)
- Re: (Shellcode Injection) ljknews (Dec 13)
- The right tool for the right job, quit beating on the C language Dana Epp (Dec 14)
- Re: The right tool for the right job, quit beating on the C language ljknews (Dec 14)
- Re: [SC-L] Crispin Cowan (Dec 12)
- Re: (Shellcode Injection) Louis Solomon [SteelBytes] (Dec 15)
- Re: (Shellcode Injection) ljknews (Dec 15)
- Message not available
- Re: (Shellcode Injection) Crispin Cowan (Dec 14)
- <Possible follow-ups>
- RE: [SC-L] Lewis, Todd (Dec 15)