Secure Coding mailing list archives

Re: (Shellcode Injection)

From: ljknews <ljknews () mac com>
Date: Tue, 16 Dec 2003 00:56:14 +0000

At 2:14 PM +1100 12/15/03, Louis Solomon [SteelBytes] wrote:

The malicous code often spawns a shell,


External to the defective program, that could be avoided by running
the program in a process with insufficient quota to spawn a subprocess
(on operating systems that support such).


one can't always limit to that degree, as sometimes the program being hacked
has legitimate reasons for that much privilidge.


Probably there is no technique that can _always_ be applied.
If discussions are to be restricted to approaches that are of
universal applicability, it would be more efficient to shut the
list down.

Current thread:

Re: [SC-L], (continued)
- Re: [SC-L] Crispin Cowan (Dec 12)
  - Re: (Shellcode Injection) ljknews (Dec 13)
    - Re: (Shellcode Injection) Crispin Cowan (Dec 13)
    - Re: (Shellcode Injection) ljknews (Dec 14)
    - Re: (Shellcode Injection) Crispin Cowan (Dec 14)
    - Re: (Shellcode Injection) ljknews (Dec 15)
    - Re: (Shellcode Injection) Crispin Cowan (Dec 15)
    - The right tool for the right job, quit beating on the C language Dana Epp (Dec 14)
    - Re: The right tool for the right job, quit beating on the C language ljknews (Dec 14)
    - Re: (Shellcode Injection) Louis Solomon [SteelBytes] (Dec 15)
    - Re: (Shellcode Injection) ljknews (Dec 15)
    - Message not available
    - Re: (Shellcode Injection) Crispin Cowan (Dec 14)
- RE: [SC-L] Lewis, Todd (Dec 15)