Forgot your password?

Close
typodupeerror
248651 story spacer spacer spacer

Cambridge Researcher Breaks OpenBSD Systrace 194

Posted by kdawson
from the without-a-trace dept.
An anonymous reader writes "University of Cambridge researcher Robert Watson has published a paper at the First USENIX Workshop On Offensive Technology in which he describes serious vulnerabilities in OpenBSD's Systrace, Sudo, Sysjail, the TIS GSWTK framework, and CerbNG. The technique is also effective against many commercially available anti-virus systems. His slides include sample exploit code that bypasses access control, virtualization, and intrusion detection in under 20 lines of C code consisting solely of memcpy() and fork(). Sysjail has now withdrawn their software, recommending against any use, and NetBSD has disabled Systrace by default in their upcoming release."
This discussion has been archived. No new comments can be posted.

Cambridge Researcher Breaks OpenBSD Systrace More Login

Cambridge Researcher Breaks OpenBSD Systrace

Comments Filter:
  • All
  • Insightful
  • Informative
  • Interesting
  • Funny
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.