Re: propolice



Theo de Raadt wrote:

> the new snapshots leaking out contain propolice in the compiler.  this
> means that binaries compiled upon these snapshots will NOT run on
> older systems; there is an upcoming half-flag day for this.  miod will
> be providing more information within a day when this goes into the
> tree, but I just wanted to give an early alert.
> 
> if you want to find out what propolice is, and are too dense to use
> google, please go back in kindergarten.
> 
> 

Propolice relies on a random guard variable that is unknown to an attacker,
and which cannot be determined without local root privileges.

However, an attacker could load a compiled package on a machine on which he
does have root and determine the value.

So any protection would not apply to pre-compiled packages.

I may be wrong here, if so would someone please let me know how.


-- 
Peter Fairbrother

(I guess my antipathy to "bolt-on" security is well known. Didn't we have an
argument about this about a year ago? At the time you rejected putting
buffer-overflow protection into a compiler because "it would break too
much". Fine, but why add an insecure/ineffective feature if you've changed
your mind?)

(dons flameproof suit)