Re: Sysmask security challenge report: 4 months and 7000 arbitrary code executions, still intact.
From: Keith Keller (kkeller-usenet_at_wombat.san-francisco.ca.us)
Date: 08/22/05
- Next message: Rich Piotrowski: "Re: how to restrict user from running some downloaded prgm?"
- Previous message: Stephen Webster: "Re: how to restrict user from running some downloaded prgm?"
- In reply to: azuredu: "Sysmask security challenge report: 4 months and 7000 arbitrary code executions, still intact."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 22 Aug 2005 12:38:32 -0700
On 2005-08-22, azuredu <xiao@unice.fr> wrote:
> Here it is:
> http://wims.unice.fr/wims/wims.cgi?module=adm/unice/challenge
>
> Breakable or not, this now becomes a good indication of how a Linux
> system can be considerably hardened with little effort
I'm not taking a position on whether your software is secure, but have
you read Bruce Schneier's piece on cracking contests?
http://www.schneier.com/crypto-gram-9812.html#1
It mainly applies to crypto challenges, but I think it applies fairly
well to your challenge, as well. I'd be more prone to publicize any
comments people have made about the sysmask code itself, since you've
made it available under the GPL.
--keith
-- kkeller-usenet@wombat.san-francisco.ca.us (try just my userid to email me) AOLSFAQ=http://wombat.san-francisco.ca.us/cgi-bin/fom see X- headers for PGP signature information
- Next message: Rich Piotrowski: "Re: how to restrict user from running some downloaded prgm?"
- Previous message: Stephen Webster: "Re: how to restrict user from running some downloaded prgm?"
- In reply to: azuredu: "Sysmask security challenge report: 4 months and 7000 arbitrary code executions, still intact."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
