Re: [lids-user] shellcode detection and prevention in LIDS

From: Bosko Radivojevic (boleat_private)
Date: Mon May 27 2002 - 11:42:02 PDT

  • Next message: Marc-Christian Petersen: "LSM Issue with modules"

    Xie,
    
    > When the parameter/env length is too long, it will print out a message to
    > warn you, and if found shellcode at the same time, it will stop the
    > program. This checking only apply to the setuid/setgid program. 
    
    We are using capabilities, remember? :) Checking should be done for all
    'special' programs, including setuid/setgid. (Special = something is
    granted by lids to the program)
    
    Greetings
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Mon May 27 2002 - 15:54:48 PDT