Secure Coding mailing list archives
Re: (Shellcode Injection)
From: ljknews <ljknews () mac com>
Date: Mon, 15 Dec 2003 11:15:26 +0000
At 4:08 PM -0800 12/14/03, Crispin Cowan wrote:
ljknews wrote:At 12:05 PM -0800 12/13/03, Crispin Cowan wrote:
The malicious code often spawns a shell,External to the defective program, that could be avoided by running the program in a process with insufficient quota to spawn a subprocess (on operating systems that support such)."May not spawn anything at all" is highly restrictive for most programs. The Immunix OS SubDomain <http://immunix.org/subdomain.html> feature lets you specify the set of programs that a given program may spawn.
I don't have any statistics to argue the "most programs" issue, but certainly I know of shops where spawning is never built into a program - just due to programming practices and unrelated to security. Another consideration would be the security environment of the program under consideration. There are situations where rights ascribed to that running program would _not_ be inherited by a spawned process. That is not the end of discussions about what an attacker might try, of course, but many of the hazards associated with escaping from a controlled environment are tied up with the notion of inheriting the access rights of that controlled environment -- without the controls.
Current thread:
- [SC-L] Jeffrey W. Baker (Dec 12)
- Re: [SC-L] Crispin Cowan (Dec 12)
- Re: (Shellcode Injection) ljknews (Dec 13)
- Re: (Shellcode Injection) Crispin Cowan (Dec 13)
- Re: (Shellcode Injection) ljknews (Dec 14)
- Re: (Shellcode Injection) Crispin Cowan (Dec 14)
- Re: (Shellcode Injection) ljknews (Dec 15)
- Re: (Shellcode Injection) Crispin Cowan (Dec 15)
- Re: (Shellcode Injection) ljknews (Dec 13)
- The right tool for the right job, quit beating on the C language Dana Epp (Dec 14)
- Re: The right tool for the right job, quit beating on the C language ljknews (Dec 14)
- Re: [SC-L] Crispin Cowan (Dec 12)
- Re: (Shellcode Injection) Louis Solomon [SteelBytes] (Dec 15)
- Re: (Shellcode Injection) ljknews (Dec 15)
- Message not available
- Re: (Shellcode Injection) Crispin Cowan (Dec 14)
- <Possible follow-ups>
- RE: [SC-L] Lewis, Todd (Dec 15)