[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

daemons

To: linux-india-programmers@xxxxxxxxxxxxxxxxxxxxx
Subject: daemons
From: omicron@xxxxxxx
Date: Sat, 29 Jul 2000 23:55:22 +0530 (IST)
Reply-to: omicron@xxxxxxx

hi
	i am doing a script that acts like a daemon and kills of a user
who tries buffer overflow exploits. unfortunately, it is too dumb. it
kills all the setuid processes a user executes. So, my question is how do
i make a program differentiate between a normal setuid program ( chfn,
passwd ) and a buffer overflow exploit ( pam.sh , sendmail exploit ) ?

You can get the script in http://www.pes.edu/~omicron/nasty.html
hopefully by tomorrow.

This is a shell script and starts from inittab or the rc.d scripts , so
this has the root powers. The solution might preferably be in a script
form ( a c program will not necessarily cause a big change in the script
though ). i am looking towards ps -aux to get the solution, but  i'm not
too conviced of the security.

cheers
cheedu


-- 
*******
Sridhar	(cheedu)  || mail: cheedu@xxxxxxxx
II Sem,		  || page: http://www.geocities.com/sri_dhar_n
B.E Info Tech 	  || site: cheedu.dyndns.org
PESIT 		  || nick: omicron,cheedu

Smile.. Tomorrow will be worse
--

Follow-Ups:
- Re: daemons
  - From: Sharad Joshi

Prev by Subject: Client Side Encryption]
Next by Subject: Re: daemons
Previous by thread: Client Side Encryption]
Next by thread: Re: daemons
Index(es):
- Subject
- Thread