[Info-vax] Kernel Transplantation
Mark Berryman
mark at theberrymans.com
Sat Jan 20 11:45:01 EST 2024
On 1/19/24 11:44 AM, Simon Clubley wrote:
> On 2024-01-19, Mark Berryman <mark at theberrymans.com> wrote:
.
.
.
>>> Because that command is being run in the same process as the EVL listener
>>> it will not help constrain an attacker. This is because all an attacker
>>> needs to do in their shellcode is to reenable those privileges.
>>
>> IIRC, you managed to crash EVL using an insecure setup. Crashing a
>> process is much different that convincing a process to run bogus code
>> and, of course, simply crashing EVL causes its process to exit.
>>
>
> By "insecure setup", you mean using a network stack as supplied out of
> the box by a vendor selling "the world's most secure operating system" ?
No, by insecure setup I mean you allowed an untrusted host, and one not
running DECnet, access to another host's DECnet stack.
Mark Berryman
More information about the Info-vax
mailing list