Slashdot Mirror


Cambridge Researcher Breaks OpenBSD Systrace

An anonymous reader writes "University of Cambridge researcher Robert Watson has published a paper at the First USENIX Workshop On Offensive Technology in which he describes serious vulnerabilities in OpenBSD's Systrace, Sudo, Sysjail, the TIS GSWTK framework, and CerbNG. The technique is also effective against many commercially available anti-virus systems. His slides include sample exploit code that bypasses access control, virtualization, and intrusion detection in under 20 lines of C code consisting solely of memcpy() and fork(). Sysjail has now withdrawn their software, recommending against any use, and NetBSD has disabled Systrace by default in their upcoming release."

4 of 194 comments

  1. no by rubycodez · Score: 0, Troll

    These are exploits for a local user on the system; anyone who puts a machine on the internet and lets people log into actual Unix accounts deserves what they get.

  2. MOD PARENT DOWN by Anonymous Coward · Score: -1, Troll

    Offtopic

  3. So much for security by Anonymous Coward · Score: -1, Troll

    Seems like, as always, claims of somehow being "more secure" than Windows always end up falling flat.

    I wonder how many years these vulnerabilities were exploited by hackers before discovered by researchers?

    I guess that's the difference between MS's pro-active stance on security, and the FOSSie (and Apple) "active denial" stance (i.e. they assume they are secure until it's too obvious to deny, then they fix, then they go right back to assuming they are secure).

  4. Re:OpenBSD Security by Anonymous Coward · Score: -1, Troll

    Why the insult? Because they deserve it, especially Theo de Raadt. Ask the NetBSD core team what they think of him. Not to mention his arrogance when he was caught with his hand in the cookie jar stealing, er, I mean, unwittingly borrowing (!) the GPLed code for Linux' Broadcom bcm43xx driver and putting it in OpenBSD. Sorry, but he and the rest of the OpenBSD crowd deserve the ridicule they are getting. I'm sure that all 12 of the OpenBSD users out there must be embarrassed.