Re: [lids-user] shellcode detection and prevention in LIDS

• Previous message: Valdis.Kletnieksat_private: "Re: shellcode detection and prevention in LIDS"
• In reply to: Huagang Xie: "shellcode detection and prevention in LIDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Xie,

> When the parameter/env length is too long, it will print out a message to
> warn you, and if found shellcode at the same time, it will stop the
> program. This checking only apply to the setuid/setgid program. 

We are using capabilities, remember? :) Checking should be done for all
'special' programs, including setuid/setgid. (Special = something is
granted by lids to the program)

Greetings



_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module

• Next message: Marc-Christian Petersen: "LSM Issue with modules"
• Previous message: Valdis.Kletnieksat_private: "Re: shellcode detection and prevention in LIDS"
• In reply to: Huagang Xie: "shellcode detection and prevention in LIDS"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon May 27 2002 - 15:54:48 PDT