Bugtraq mailing list archives
Universal Wrapper
From: tarreau () AEMIAIF LIP6 FR (Willy TARREAU)
Date: Tue, 3 Mar 1998 13:17:46 +0100
Hi there ! While I wanted to patch my Xfree, I realized it would be easier to write a wrapper so I wrote a simple one. It only works on arguments passed to the executable, no control is done about environment variables. But its advantage over some other wrappers is that you just have to compile it one and to maintain a reference table which is a small file in /etc. This file is indexed by argv[0] (which could be spoofed so be careful to what you put in!). It contains, for each entry, the name of the real executable, desired EUID and/or EGID, maximum number of args, maximum args length, and a log level which determines 5 possible behaviours: 0 - log nothing, just truncate args. 1 - log only if too long an arg is given 2 - also log if too many args are passed 3 - systematically log any call to the prog 4 - wait a few seconds and quit if any error occurs An other interesting aspect is that it can block during a fixed amount of time before exiting, just to slow down automatic scripts. To make these scripts harder (but not impossible) to use, all signals are ignored during the pause (except of course, SIGKILL/SIGSTOP). It really needs more work, but I won't be there till next week-end, and I wanted to post this now. You could combine it with a message sender I wrote a few months ago, which will pop up a window on you display with immediate information about what's happening on your system. Addresses: SafeLoad (the wrapper): http://www-miaif.lip6.fr/willy/pub/safeload/ Xmsg (message handler/sender): http://www-miaif.lip6.fr/willy/pub/xmsg/ Buffer overflow tests: http://www-miaif.lip6.fr/willy/security/ That's all for the moment. Please tell me if you make significant modifications to the wrapper, or if you find security holes in it, because it's to be suided root, of course, and I hope it won't need itself another wrapper:-) Willy -- +---------------+-------------------------+---------------------------------+ | Willy Tarreau | tarreau () aemiaif lip6 fr | http://www-miaif.lip6.fr/willy/ | | Magistere d'Informatique Appliquee de l'Ile de France (MIAIF), promo 97 | +---------------------------------------------------------------------------+
Current thread:
- Re: strcpy versus strncpy, (continued)
- Re: strcpy versus strncpy Kragen (Mar 03)
- Re: strcpy versus strncpy Wietse Venema (Mar 03)
- Re: strcpy versus strncpy pedward () WEBCOM COM (Mar 03)
- Re: strcpy versus strncpy Kragen (Mar 03)
- Re: strcpy versus strncpy Aleph One (Mar 02)
- Re: strcpy versus strncpy sinster () DARKWATER COM (Mar 02)
- Re: strcpy versus strncpy Nick Maclaren (Mar 03)
- Re: strcpy versus strncpy Mark Walker (Mar 03)
- updatedb: sort patch Michael Ballbach (Mar 02)
- Re: strcpy versus strncpy Eivind Eklund (Mar 03)
- Vulnerabilites in some versions of info2www CGI Niall Smart (Mar 03)
- Universal Wrapper Willy TARREAU (Mar 03)
- Re: strcpy versus strncpy Victor Lavrenko (Mar 03)
- Re: strcpy versus strncpy Chris L. Mason (Mar 03)
- Re: strcpy versus strncpy Mark Whitis (Mar 04)
- Re: strcpy versus strncpy Andy Church (Mar 02)
- Re: strcpy versus strncpy Edwin Li-Kai Liu (Mar 03)
- Re: strcpy versus strncpy Ben Laurie (Mar 03)
- Re: strcpy versus strncpy Chris L. Mason (Mar 03)
- Re: strcpy versus strncpy der Mouse (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
(Thread continues...)