[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Shadow Passwords

> linux's isgraph, it would be a fair trick to create executable code
> from just the set of printable ascii characters. That would mean that

Umm, as a counterexample, there's a "Hello Polyglots" program which is
a text file that compiles in over a dozen languages (C, C++, Cobol,
fortran, others) and interprets in several (pilot, postscript!) *and*
if you rename it to POLY.COM it runs on a DOS machine. It turns out
that you can do a lot with the x86 using only printable ascii

> If people issued a security alert for every piece of code running on
> linuux that didn't do bounds checking on input the security list would

If they did, then people might start to GET A CLUE about how
vulnerable linux applications tend to be... remember, if you see a
CERT advisory about something, it's usually *because* someone is
exploiting it (otherwise they tend to keep it quiet) and we'd rather
catch these before then...
					_Mark_ <eichin@cygnus.com>
					Cygnus Support, Eastern USA

ps. See also the Morris Worm, which finally got people to *notice*
this problem, which overflowed a buffer with code through fingerd, and
couldn't use NUL -- but only needed 25 bytes or so of code to perform 
an exec("/bin/sh")... http://www.mit.edu:8001/people/eichin/virus/main.html
for details.)

Reply to: