Friday, January 23, 2009

Bypassing syscall filtering technologies on Linux x86_64

For those interested in syscall filtering technologies, check out my latest advisory on how policies can be bypassed under certain circumstances:

http://scary.beasts.org/security/CESA-2009-001.html

There's a neat trick on the x86_64 kernel; this kernel supports both 32-bit and 64-bit processes, and interestingly, the syscall tables are different in each case. However, with a bit of trickery, a 64-bit process can call a 32-bit syscall (and vice versa), and confuse the syscall filter.
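The filter-side consequence of the two tables, as an added example (not code from this post or the advisory): a policy keyed on the syscall number alone misreads a 32-bit call, while one keyed on (ABI, number) does not. The `sys_event` record, the allow-list and the sample events are constructed and assume the filter can learn the calling ABI; the `AUDIT_ARCH_*` values and syscall numbers are the real Linux ones.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* ABI identifiers as defined in <linux/audit.h>. */
#define ARCH_X86_64 0xC000003Eu
#define ARCH_I386   0x40000003u

/* Hypothetical record of one intercepted call: calling ABI plus number. */
struct sys_event { uint32_t arch; long nr; };

/* Constructed policy, written against the 64-bit table only. */
static const struct sys_event allow[] = {
    { ARCH_X86_64, 0 },  /* read   */ { ARCH_X86_64, 1 },  /* write */
    { ARCH_X86_64, 3 },  /* close  */ { ARCH_X86_64, 5 },  /* fstat */
    { ARCH_X86_64, 11 }, /* munmap */ { ARCH_X86_64, 60 }, /* exit  */
};
#define N_ALLOW (sizeof allow / sizeof allow[0])

/* Weak check: number only, silently assuming the 64-bit table. */
bool naive_allows(const struct sys_event *e) {
    for (size_t i = 0; i < N_ALLOW; i++)
        if (allow[i].nr == e->nr) return true;
    return false;
}

/* Hardened check: ABI and number must both match; other ABIs are denied. */
bool strict_allows(const struct sys_event *e) {
    for (size_t i = 0; i < N_ALLOW; i++)
        if (allow[i].arch == e->arch && allow[i].nr == e->nr) return true;
    return false;
}

/* Constructed events. In the i386 table 5 is open and 11 is execve. */
const struct sys_event sample[] = {
    { ARCH_X86_64, 0 },  /* 64-bit read: allowed by both checks        */
    { ARCH_X86_64, 59 }, /* 64-bit execve: denied by both checks       */
    { ARCH_I386, 5 },    /* 32-bit open, numbered like 64-bit fstat    */
    { ARCH_I386, 11 },   /* 32-bit execve, numbered like 64-bit munmap */
};

/* Number of sample events on which the two checks disagree. */
int count_disagreements(void) {
    int d = 0;
    for (size_t i = 0; i < sizeof sample / sizeof sample[0]; i++)
        d += naive_allows(&sample[i]) != strict_allows(&sample[i]);
    return d;
}

int main(void) { printf("disagreements: %d\n", count_disagreements()); return 0; }
```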

This was discovered whilst experimenting on a new security feature for vsftpd; a future post will go into this.
