[nycbug-talk] Cambridge Researcher Breaks OpenBSD Systrace

Marc Spitzer mspitzer at gmail.com
Thu Aug 9 13:42:11 EDT 2007

Link: http://it.slashdot.org/it/07/08/09/138224.shtml

An anonymous reader writes "University of Cambridge researcher Robert
Watson has published a paper at the First USENIX Workshop On Offensive
Technology in which he describes serious vulnerabilities in OpenBSD's
Systrace, Sudo, Sysjail, the TIS GSWTK framework, and CerbNG. The
technique is also effective against many commercially available
anti-virus systems. His slides include sample exploit code that
bypasses access control, virtualization, and intrusion detection in
under 20 lines of C code consisting solely of memcpy() and fork().
Sysjail has now withdrawn their software, recommending against any
use, and NetBSD has disabled Systrace by default in their upcoming

Freedom is nothing but a chance to be better.
Albert Camus

More information about the talk mailing list