[nycbug-talk] Cambridge Researcher Breaks OpenBSD Systrace

Marc Spitzer mspitzer at gmail.com
Fri Aug 10 12:07:19 EDT 2007

On 8/9/07, Jonathan Vanasco <nycbug-list at 2xlp.com> wrote:
> On Aug 9, 2007, at 1:42 PM, Marc Spitzer wrote:
> > An anonymous reader writes "University of Cambridge researcher Robert
> > Watson has published a paper at the First USENIX Workshop On Offensive
> I'm just wondering if he contacted OpenBSD, "Systrace, Sudo,
> Sysjail, the TIS GSWTK framework, and CerbNG" first, and worked out a
> disclosure timeframe

From what I read on the slides, have not done the paper yet, I do not
think you *can* fix it.  What he was pointing out was a massive design
flaw that cannot go away given the current architecture of the
systems in question.  I.e., one of the fundamental and necessary
assumptions of this system (atomicity of calling function) does not exist
in the real world as the kernels in question stand.

The interesting thing is minix3 and dragonfly may be better suited to
defending against this problem as they make much more use of message
passing for moving stuff around.

> I couldn't find that information anywhere.
> Personally, I find that the difference between wanting to offer a
> security researcher a "THANK YOU!!!!" or a 'F**k You for disclosing
> holes in software before I had time to patch my system'

This is just not patchable; it's a problem if you use these things.



Freedom is nothing but a chance to be better.
Albert Camus
