Buffer overflow?

Pawel Jakub Dawidek nick at garage.freebsd.pl
Tue Aug 26 03:01:34 PDT 2003

On Fri, Aug 01, 2003 at 06:12:46PM -0700, Matthew Dillon wrote:
+>     Consider the difference between running something like named as we run
+>     it now, even in a chroot'd environment, verses running something like
+>     named in a restricted environment which has the rules:
+> 	* R/W allowed in /etc/namedb/s, /etc/namedb/run, and 
+> 	  /var/run/named.pid
+> 	* /dev access only to /dev/null and /dev/zero
+> 	* read-access to standard /etc config files for libc support,
+> 	  which does NOT include access to the password file.
+> 	* no ability to run suid/sgid programs or to connect to any 
+> 	  socket resource other then port X, Y, and Z.
+> 	* no other access  (no ability to exec suid/sgid programs, no
+> 	  ability to access other socket resources, no ability to access
+> 	  random devices in /dev, no ability to run esoteric system calls
+> 	  that named has no business running, whether they are supposed to
+> 	  be secure or not.  No ability to access the password file or
+> 	  database).
+>     The same can be said for Apache, sendmail, and just about any other
+>     service one might run, as well as programs like sudo which are 
+>     ridiculouslyl dangerous.

You can look at my project - CerbNG wich provide such functionality in
its own way:


and here are example policies:


I'm considering porting CerbNG to DFly while it is based on FreeBSD 4.x.

Pawel Jakub Dawidek                       pawel at xxxxxxxxxxx
UNIX Systems Programmer/Administrator     http://garage.freebsd.pl
Am I Evil? Yes, I Am!                     http://cerber.sourceforge.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00003.pgp
Type: application/octet-stream
Size: 305 bytes
Desc: "Description: PGP signature"
URL: <http://lists.dragonflybsd.org/pipermail/kernel/attachments/20030826/a9e79bc4/attachment-0020.obj>

More information about the Kernel mailing list