Secure Coding mailing list archives
Re: (Shellcode Injection)
From: ljknews <ljknews () mac com>
Date: Tue, 16 Dec 2003 00:56:14 +0000
At 2:14 PM +1100 12/15/03, Louis Solomon [SteelBytes] wrote:
The malicous code often spawns a shell,External to the defective program, that could be avoided by running the program in a process with insufficient quota to spawn a subprocess (on operating systems that support such).one can't always limit to that degree, as sometimes the program being hacked has legitimate reasons for that much privilidge.
Probably there is no technique that can _always_ be applied. If discussions are to be restricted to approaches that are of universal applicability, it would be more efficient to shut the list down.
Current thread:
- Re: [SC-L], (continued)
- Re: [SC-L] Crispin Cowan (Dec 12)
- Re: (Shellcode Injection) ljknews (Dec 13)
- Re: (Shellcode Injection) Crispin Cowan (Dec 13)
- Re: (Shellcode Injection) ljknews (Dec 14)
- Re: (Shellcode Injection) Crispin Cowan (Dec 14)
- Re: (Shellcode Injection) ljknews (Dec 15)
- Re: (Shellcode Injection) Crispin Cowan (Dec 15)
- Re: (Shellcode Injection) ljknews (Dec 13)
- The right tool for the right job, quit beating on the C language Dana Epp (Dec 14)
- Re: The right tool for the right job, quit beating on the C language ljknews (Dec 14)
- Re: [SC-L] Crispin Cowan (Dec 12)
- Re: (Shellcode Injection) Louis Solomon [SteelBytes] (Dec 15)
- Re: (Shellcode Injection) ljknews (Dec 15)
- Message not available
- Re: (Shellcode Injection) Crispin Cowan (Dec 14)