Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Sahimo Hydrogen Vehicle Gets Over 1,300 mpg

AntiOrganic The real question (453 comments)

At 110 kilograms, how far will it fly when it gets T-boned by a Hummer?

more than 5 years ago
top

How Steam Revived a Dead Game

AntiOrganic Re:Advertising (234 comments)

With all the hype surrounding Daikatana for years prior to its release, I don't understand how anyone could accuse it of being a game with bad advertising.

more than 5 years ago
top

Locking Down Linux Desktops In an Enterprise?

AntiOrganic Re:You don't (904 comments)

Guess what? noexec doesn't do jack shit on the majority of Linux systems, and does not prevent anybody from running a. You know why? /lib/ld-linux.so.2. (On x86_64, there's also /lib64/ld-linux-x86-64.so.2.)

This little file is in the ELF header of basically every single ELF-format Linux binary, under a field called INTERP (you can see this by dumping a binary with readelf). Yes, even though the executable is a binary, it calls an interpreter to handle all of the run-time module loading. By a really obnoxious design decision in Linux that laughs in the face of security, this library, despite its .so extension, is executable by design and by necessity on every single Linux system in the world. And by passing it the path to a program as its arguments, you can run any binary your little heart desires, whether the filesystem is mounted noexec or not. You can't possibly turn this behavior off unless you have a system with no dynamically linked binaries.

I don't see why this binary couldn't have added a check to see whether or not the program it's passed is mounted on a noexec filesystem, but to this day, it doesn't care.

It's also one of the reasons Solaris guys didn't take the idea of "Linux security" seriously for a very, very, very long time.

Not all is lost, though. SELinux can prevent the system from invoking this directly, outside the context of a freshly-executed process. It just relies on SELinux being properly set up on your systems.

This still doesn't completely fix the problem. On many (most?) systems, a user can still get around this by abusing LD_PRELOAD to preload a library with the same name and same symbols as one being loaded by some arbitrary program they're executing. Then, instead of compiling an executable binary, they're stuffing their code into a library instead and abusing the system's module loader to execute it. (This was the source of Oracle's SA10043 advisory, among others. It's the application's responsibility to validate LD_PRELOAD, especially where privilege escalation can occur.)

It's safest just to assume that if the user can run any arbitrary program the administrator put there, they can also run any arbitrary program the user put there.

more than 5 years ago
top

Open Source Software For Experimental Physics?

AntiOrganic Re:Fermilab... (250 comments)

It's basically a customization of Red Hat Enterprise Linux.

more than 5 years ago
top

Examining the Beginnings of the RTS Genre

AntiOrganic Battletech: The Crescent Hawk's Revenge (1989) (135 comments)

In 1989, Westwood released a little-known game called "Battletech: The Crescent Hawk's Revenge." This game developed a lot of the ideas that would later be polished in Dune 2 and, in my opinion, deserves more credit for really kicking off the genre than Dune 2 does: Dune 2 really just took the same ideas and refined them into a more successful game.

http://en.wikipedia.org/wiki/BattleTech:_The_Crescent_Hawk's_Revenge

more than 5 years ago

Submissions

AntiOrganic hasn't submitted any stories.

Journals

AntiOrganic has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>