[Info-vax] Kernel Transplantation
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Mon Jan 22 08:12:43 EST 2024
On 2024-01-20, Mark Berryman <mark at theberrymans.com> wrote:
> On 1/19/24 11:44 AM, Simon Clubley wrote:
>> On 2024-01-19, Mark Berryman <mark at theberrymans.com> wrote:
> .
> .
> .
>>>> Because that command is being run in the same process as the EVL listener
>>>> it will not help constrain an attacker. This is because all an attacker
>>>> needs to do in their shellcode is to reenable those privileges.
>>>
>>> IIRC, you managed to crash EVL using an insecure setup. Crashing a
>>> process is much different that convincing a process to run bogus code
>>> and, of course, simply crashing EVL causes its process to exit.
>>>
>>
>> By "insecure setup", you mean using a network stack as supplied out of
>> the box by a vendor selling "the world's most secure operating system" ?
>
> No, by insecure setup I mean you allowed an untrusted host, and one not
> running DECnet, access to another host's DECnet stack.
>
Oh, I see Mark. So you mean just like every public node on the Internet is
supposed to handle without instantly falling over ? :-) (And which gets
fixed when something unexpected is found ?)
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
More information about the Info-vax
mailing list