lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ce4571dbb6ba4d6aaf54082fc94a2e25@RAMNL-EX.Ram.nl>
Date: Fri, 7 Aug 2015 06:52:57 +0000
From: Frank Waarsenburg <fwaarsenburg@...-it.nl>
To: 'Steve Friedl' <steve@...xwiz.net>,
  'Stefan Kanthak' <stefan.kanthak@...go.de>, 'Mario Vilas' <mvilas@...il.com>
CC: 'bugtraq' <bugtraq@...urityfocus.com>,
  'fulldisclosure' <fulldisclosure@...lists.org>
Subject: RE: [FD] Mozilla extensions: a security nightmare

Time to unsubscribe from Bugtraq. I follow that list to be informed of vulnerabilities, not to get spammed by fighting ego's. Get a life.

___________________________________

Frank Waarsenburg  
Chief Information Security Officer

RAM Infotechnology

-----Original Message-----
From: Steve Friedl [mailto:steve@...xwiz.net] 
Sent: vrijdag 7 augustus 2015 8:17
To: 'Stefan Kanthak'; 'Mario Vilas'
Cc: 'bugtraq'; 'fulldisclosure'
Subject: RE: [FD] Mozilla extensions: a security nightmare

> Posting on top because that's where the cursor happens to be is like
sh*tt*ng in your pants because that's where your *ssh*l* happens to be!

Here, let me fix this for you:

> "I don't expect to be taking seriously by any technical community"

-----Original Message-----
From: Stefan Kanthak [mailto:stefan.kanthak@...go.de]
Sent: Thursday, August 06, 2015 12:33 PM
To: Mario Vilas
Cc: bugtraq; fulldisclosure
Subject: Re: [FD] Mozilla extensions: a security nightmare

"Mario Vilas" <mvilas@...il.com> wrote:

> W^X applies to memory protection, completely irrelevant here.

I recommend to revisit elementary school and start to learn reading!

http://seclists.org/bugtraq/2015/Aug/8

| JFTR: current software separates code from data in virtual memory and
|       uses "write xor execute" or "data execution prevention" to
|       prevent both tampering of code and execution of data.
|       The same separation and protection can and of course needs to be
|       applied to code and data stored in the file system too!

> Plus you're saying in every situation when a user can overwrite its 
> own binaries in its own home folder it's a bug

Again: learn to read!

<http://seclists.org/bugtraq/2015/Aug/14>

| No. Writing executable code is NOT the problem here.
| The problem is running this code AFTER it has been tampered.
| (Not only) Mozilla but does NOT detect tampered code.

> - that would make every single Linux distro vulnerable whenever you 
> install some software in your own home directory that only you can use.

# mount /home -onoexec

> If you're talking about file and directory permissions it makes sense 
> to talk about privilege escalation.

No.

> But I don't think you really understand those security principles 
> you're citing. For example, can you give me an example of an attack
scenario?

The attack vector is OBVIOUS, exploitation is TRIVIAL.

> Also, take a chill pill. Your aggressive tone isn't really helping you 
> at all.

Posting on top because that's where the cursor happens to be is like sh*tt*ng in your pants because that's where your *ssh*l* happens to be!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ