Vulnerability Development mailing list archives

Re: History Files


From: 11a () GMX NET (Bluefish)
Date: Thu, 20 Apr 2000 04:28:50 +0200


On Tue, 18 Apr 2000, iconoclast wrote:
> heh, i've hacked systems where all you can do is read email supposedly.
> you can use pine to execute commands you know :)

This actually kind of gets you into some kind of Windows 9x kind'a
security. The application isn't intended to provide security, you make
some changes (policy or whatever) and hope it will provide security.

I mean, even if a program like pine couldn't execute files, consider the
following scenario: you find a bug, which by doing [ insert something
weird ] gives you the ability to execute programs. You notify
the developers. "Uh, so?" they think and don't fix it because the program
was never designed to stop attackers anyway.

Another relevant thingy was something I read (probably in this list or in
bugtraq) where a CD-burner software which was designed to be executed by
root only was called by a suid front-end. Whoever is responsible for
designing an application which suids a program not intended for it makes
the same error; assuming something to be secure which isn't designed to be
secure.

Kind'a funny people do such things. I mean, it's reasonable that you once
in a while make some mistake where your own code or setup can be exploited
in some weird technical way. But is it really reasonable that people
don't even think about the security models, the design ideals etc
behind products? It seems people assume that new functionality
(security in this case) exists in a product just because it at the moment
is convenient for them!

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

