jeromie @ garrison . com wrote:
>
> In my eyes, this means that if a proxy were to get
> subverted, it would not take much to subvert the chroot() setuid() calls and
> gain full access over the firewall. I would like to hear if anyone has
> comments on this issue..??

If a vagrant program subverts a proxy via buffer overruns or whatever,
with a chroot()/setuid() pair, it's not really the firewall that's in
danger. The firewall isn't (usually) the target of an attack, it is
the first line of defense which needs to be overcome to attack the real
target (the weakling systems on the inside). If I can install a
program on the firewall which listens to RED traffic on port, say, 8888
and redirects it to a selected port on the BLUE (inside) network, the
firewall is of no use in terms of security. I can use this redirector
to attack internal systems. Facilities like chroot() and setuid()
protect the firewall, and hamper efforts to determine the geography of
the internal network, but the game is still pretty much over.
- Der
--
Dermot Tynan +353 91 754608
dtynan @ ilo . dec . com DTN: 822-4608
Digital Equipment International BV, Galway, Ireland