Re: Sysmask security challenge: 1 week and +300 arbitrary code assaults, still resisting
From: azuredu (xiao_at_unice.fr)
Date: 04/20/05
- Previous message: Stephan Neuhaus: "Re: Sysmask security challenge: 1 week and +300 arbitrary code assaults, still resisting"
- In reply to: Stephan Neuhaus: "Re: Sysmask security challenge: 1 week and +300 arbitrary code assaults, still resisting"
- Next in thread: azuredu: "Re: Sysmask security challenge: 1 week and +300 arbitrary code assaults, still resisting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 20 Apr 2005 03:14:04 -0700
Take as an example my sshd. If you exploit a vulnerability in it (well
I don't know how), you will find the environement even more restrictive
than the challenge, with one big exception /etc/shadow that is
legitimately needed by sshd. But now I just don't care if somebody may
steal the file and crack my password: you could have passed the
authentication of sshd, but after that you still cannot get rid of the
sysmask restrictions. Only I myself know how to, and this time the
"password" is protected by sysmask as tightly as /etc/unreadable.52971.
That's why cracking sshd on my system cannot lead to successful
infiltrations. Well, unless the challenge is easily breakable.
- Previous message: Stephan Neuhaus: "Re: Sysmask security challenge: 1 week and +300 arbitrary code assaults, still resisting"
- In reply to: Stephan Neuhaus: "Re: Sysmask security challenge: 1 week and +300 arbitrary code assaults, still resisting"
- Next in thread: azuredu: "Re: Sysmask security challenge: 1 week and +300 arbitrary code assaults, still resisting"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
