Re: [lids-user] shellcode detection and prevention in LIDS

From: Bosko Radivojevic (boleat_private)
Date: Mon May 27 2002 - 11:42:02 PDT

  • Next message: Marc-Christian Petersen: "LSM Issue with modules"

    > When the parameter/env length is too long, it will print out a message to
    > warn you, and if found shellcode at the same time, it will stop the
    > program. This checking only apply to the setuid/setgid program. 
    We are using capabilities, remember? :) Checking should be done for all
    'special' programs, including setuid/setgid. (Special = something is
    granted by lids to the program)
    linux-security-module mailing list

    This archive was generated by hypermail 2b30 : Mon May 27 2002 - 15:54:48 PDT