Hi,
I have just read an Bell Labs anouncement, that they are going to release libsafe under GNU licence, and that some major Linux distros are going to be using it. SuSE was not amongst them, why is that? I think that libsafe would be a good echnacement against buffer overflow.
Anouncement is on: http://www.bell-labs.com/news/2000/april/20/1.html
just because something new pops up please be careful with questions like "when will you implement it?" ;-) There are several questions to ask: a) is it STABLE and does it NOT affect the stability of other programs? b) does it bring additional security problems into the system? c) is the security protection effective? Well, of course the SuSE Security Team already reviewed libsafe. Here are the answers: a) unsure. it would have to be tested very intensive. this was not done yet. b) the code might have vulnerabilities, however the protection gained is higher even if a vulnerability would be present c) okay, now the tough part: libsafe is a dynamic library which is set in the environment which checks several dangerous functions, which can be a security problem. Because it is a dynamic library, it is NO protection against local attackers, just against remote attackers on network services. (if an attacker wants to attack a local suid file, he would just reset his library path environment). Next thing: it does not check for all known vulnerabilites. It even doesn't protect against all buffer overflows, It just protects against *some* overflows. those which happen because of insecure use of strcat/strcpy etc. summary: I can not remember a vulnerability in a network service for the last year which this tool would have prevented. Therefore: as long as this tool is not enhanced to also protect open/fopen calls against symlink/hardlink/pipe attacks, several more buffer overflow types, system/exec* function protection etc. it is not useful to use this tool. I would rather propose to use the secumod module which comes with SuSE Linux since 6.3 and maybe the secure-linux kernel patch from www.openwall.com - these two tools enhance your security. (and btw, install seccheck, hardensuse and firewals and use them - then your security is very high) Greets, Marc -- Marc Heuse, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: marc@suse.de Function: Security Support & Auditing "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C
Marc Heuse wrote:
c) okay, now the tough part: libsafe is a dynamic library which is set in the environment which checks several dangerous functions, which can be a security problem. Because it is a dynamic library, it is NO protection against local attackers, just against remote attackers on network services. (if an attacker wants to attack a local suid file, he would just reset his library path environment). [...]
Correct me if I'm wrong, but I think the -rpath option take precedence over LD_LIBRARY_PATH? Is there any way around that? Cheers, -petter.
It seems OpenSSH 2.5 was just released today. Anyone know whats new and what happened to 2.4? M
At 08:30 AM 17/02/2001, you wrote:
It seems OpenSSH 2.5 was just released today.
Anyone know whats new and what happened to 2.4?
Looks like it has an sftp client now among other things... ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/ChangeLog/ --- Nix - nix@susesecurity.com http://www.susesecurity.com
BTW it appears that OpenSSH 2.5.0 is the only SSH implementation near 100% compatible with all other clients/servers (so sayeth Theo). There's some other cool stuff to that will be announced soon =). Kurt
Anyone know whats new and what happened to 2.4?
Looks like it has an sftp client now among other things... ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/ChangeLog/
--- Nix - nix@susesecurity.com http://www.susesecurity.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
participants (5)
-
Kurt Seifried
-
marc@suse.de
-
Mr. M
-
Nix
-
Petter Urkedal