Re: ANNOUNCE: Medusa DS9 security system

• Previous message: Charles Capps: "Re: perl-cgi hole in UltimateBB by Infopop Corp."
• Maybe in reply to: Milan WWW Pikula: "ANNOUNCE: Medusa DS9 security system"
• Next in thread: Milan WWW Pikula: "Re: ANNOUNCE: Medusa DS9 security system"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>  communicates with the kernel using character device to send and receive
>  "packets". Daemon contains the whole logic and implements the concrete
>  security policy. That means, that medusa can (as opposite to another
[...]
>  * ability to enforce process to execute an arbitrary code. This feature
>    is usefull to enforce logging drom that process and so.

the fact that your program has both a userspace and a kernel-space
component makes it almost immediately suspect as "vulnerable".  kind of
funny for me to get to reply to a "security tool" announcement with a
notice-of-warning.

has the source to the userspace module been audited yet?  hopefully by
someoen other than the authors?

that last part sounds like it might make, with a few mods, a great 3l33t
h@x0r tool :)  perhaps it might be most useful to someone good enough to
get a rootshell but not good enough to hack away at the process table by
themselves.

all in all, this thing scares me.

elijah

• Next message: Bill McKinnon: "Re: perl-cgi hole in UltimateBB by Infopop Corp."
• Previous message: Charles Capps: "Re: perl-cgi hole in UltimateBB by Infopop Corp."
• Maybe in reply to: Milan WWW Pikula: "ANNOUNCE: Medusa DS9 security system"
• Next in thread: Milan WWW Pikula: "Re: ANNOUNCE: Medusa DS9 security system"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:35:19 PDT