Re: Compiling untrusted source -- what are the risks?

From: Alex Popa (razor@ldc.ro)
Date: 06/13/01 

Date: Thu, 14 Jun 2001 00:19:47 +0300
From: Alex Popa <razor@ldc.ro>
To: Kris Kennaway <kris@obsecurity.org>

On Wed, Jun 13, 2001 at 01:03:13PM -0700, Kris Kennaway wrote:
> On Wed, Jun 13, 2001 at 09:24:02AM +0300, Alex Popa wrote:
>
> > The step I am worried about is the compiling, since I do need to have
> > the include files and libraries available.
> > [irrelevant part snipped]
>
> You could do this step in a jail if you wanted to. If you're using
> user-supplied makefiles, then they can run arbitrary commands. If
> you're using a fixed set of compiler invocations and the standard
> toolchain then it should probably be okay (I don't know of any ways to
> cause the compiler toolchain to execute arbitrary commands during
> compilation).
>
> Kris

I will probably go with something like (filename will be my own, not
the user supplied filename):
"gcc -Wall -W -Werror -pipe -static filename.c -o a.out"
for the compiling step. The toolchain is exactly what I was worried
about, and I really do not feel like providing a fresh jail for every
compile. The running of the programs will go in a new jail and UID
for every run, to prevent pollution.

I also consider disabling SYSV semaphores and shared memory for that
particular machine.

Thank you a lot,
        Alex (who did paranoia++ a few too many times)

------------+------------------------------------------
Alex Popa, | "Artificial Intelligence is
razor@ldc.ro| no match for Natural Stupidity"
------------+------------------------------------------
"It took the computing power of three C-64s to fly to the Moon.
It takes a 486 to run Windows 95. Something is wrong here."

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: Distcc + cross compiling
    ... create a new jail with distcc and gcc to help my laptop compiling ... gentoo x86 stuff, I'm using GCC 4.2.3 on my laptop... ... off making a virtual machine with gentoo installed in it on your FreeBSD ... box and compiling from there, or it's possible you could compile static ...
    (freebsd-questions)
  • Re: Distcc + cross compiling
    ... I have a FreeBSD x86 server, running FreeBSD 7.0-RELEASE, I'd like to ... create a new jail with distcc and gcc to help my laptop compiling ... is it possible to use FreeBSD for compiling gentoo's stuff?? ... In this case, FreeBSD and gentoo put libraries in different places, call ...
    (freebsd-questions)
  • jail and emulators/linux_base
    ... I'm running CURRENT and set up a jail where I want to install SUN JDK ... linux emulation needs to be installed. ... compiling it on the host system took 54.9 seconds. ...
    (freebsd-current)
  • Re: jail and emulators/linux_base
    ... > I'm running CURRENT and set up a jail where I want to install SUN JDK ... linux emulation needs to be installed. ... > compiling it on the host system took 54.9 seconds. ...
    (freebsd-current)
  • Re: Create an X Workstation
    ... Later Changelogs do not mention them, ... You might have better results compiling 3.3.6 using the OS and tool ... That is my problem - I am not skilled enough to build a complete toolchain ... everything else should be quite modern. ...
    (comp.windows.x)
Loading