Not logged in
Log in now
Create an account
Subscribe to LWN
Pencil, Pencil, and Pencil
Dividing the Linux desktop
LWN.net Weekly Edition for June 13, 2013
A report from pgCon 2013
Little things that matter in language design
Security quotes of the week
Posted Jun 2, 2012 10:23 UTC (Sat) by hummassa (subscriber, #307)
If you have SHELL access to a box, you already can do
echo BYTESBYTES > a.out; chmod +x a.out; ./a.out
where BYTESBYTES is a program with privilege escalation properties, because it trips some vulnerability on the shell or on libc or whatever.
IMNSHO, this will always (for a latu sensu definition of always) be that way because: (1) our systems programming language of choice today (C) is adversarial to the developer by making non-vulnerability-prone programs difficult to write (come on, before C with Classes I would have written C with Well-Managed Strings and Buffers And Access to The Overflow Flag); (2) programmers will always make mistakes; (3) with some rare, academical exceptions, we do not have a proven-secure programming (as in theorem proof) and those are rare and academical because we do not have a lot of proven-secure-capable developers. <rant>It's still hard to find developers that do not ignore the necessity of maintaining and passing my automated test suites, and those are not rigorous by any standards</rant>.
Posted Jun 4, 2012 12:29 UTC (Mon) by nix (subscriber, #2304)
(For extra points, the system must have sufficiently many interacting parts that you can't formally prove that nothing done excepting a few specific intended things can lead to privilege escalation, but since to a first approximation nobody ever formally proves their code correct in this fashion this is overkill).
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds