Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Security

Submission + - OpenBSD's Systrace broken by Cambridge researcher (lightbluetouchpaper.org)

An anonymous reader writes: University of Cambridge researcher Robert Watson has published a paper at the First USENIX Workshop On Offensive Technology (WOOT07) in which he describes serious vulnerabilities in OpenBSD's Systrace, Sudo, Sysjail, the TIS GSWTK framework, and CerbNG, and that the technique is also effective against many commercially available anti-virus systems. His slides include sample exploit code that bypasses access control, virtualization, and intrusion detection in under 20 lines of C code consisting solely of memcpy() and fork(). Sysjail has now withdrawn their software recommending against any use, and NetBSD has disabled Systrace by default in their upcoming release.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

OpenBSD's Systrace broken by Cambridge researcher

Comments Filter:

IF I HAD A MINE SHAFT, I don't think I would just abandon it. There's got to be a better way. -- Jack Handley, The New Mexican, 1988.

Working...