From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Dmitry V. Levin" <ldv@alt-linux.org>
To: devel@altlinux.ru
Message-ID: <20010529111411.A27359@ldv.office.alt-linux.org>
Mail-Followup-To: devel@altlinux.ru
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="HcAYCG3uE/tztfnV"
Content-Disposition: inline
X-fingerprint: 9658 398D 181B 1200 8FC5  26B8 F6F8 846B C1E2 3429
Subject: [devel] [lcamtuf@bos.bindview.com: insecure signal handler design]
Sender: devel-admin@linux.iplabs.ru
Errors-To: devel-admin@linux.iplabs.ru
X-BeenThere: devel@linux.iplabs.ru
X-Mailman-Version: 2.0
Precedence: bulk
Reply-To: devel@linux.iplabs.ru
List-Help: <mailto:devel-request@linux.iplabs.ru?subject=help>
List-Post: <mailto:devel@linux.iplabs.ru>
List-Subscribe: <http://www.logic.ru/mailman/listinfo/devel>,
	<mailto:devel-request@linux.iplabs.ru?subject=subscribe>
List-Id: IPLabs Linux Team Developers mailing list <devel.linux.iplabs.ru>
List-Unsubscribe: <http://www.logic.ru/mailman/listinfo/devel>,
	<mailto:devel-request@linux.iplabs.ru?subject=unsubscribe>
List-Archive: <http://www.logic.ru/pipermail/devel/>
X-Original-Date: Tue, 29 May 2001 11:14:12 +0400
Date: Tue, 29 May 2001 11:14:12 +0400
Archived-At: <http://lore.altlinux.org/devel/20010529111411.A27359@ldv.office.alt-linux.org/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>


--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

----- Forwarded message from Michal Zalewski <lcamtuf@bos.bindview.com> -----

Date: Mon, 28 May 2001 18:10:16 -0400 (EDT)
From: Michal Zalewski <lcamtuf@bos.bindview.com>
To: BUGTRAQ@SECURITYFOCUS.COM
Cc: SECPROG@SECURITYFOCUS.COM, SECPAPERS@SECURITYFOCUS.COM
Subject: insecure signal handler design
X-Nmymbofr: Nir Orb Buk


We are proud to announce our new security paper, "Delivering signals for
fun and profit". This paper is an attempt to discuss security aspects of
very common signal handler coding practices, describing theoretical
background and demonstrating actual attack scenarios against live code in
Unix environment.

The paper is available at:

  http://razor.bindview.com/publish/papers/signals.txt

For your convenience, it is attached to this message as well (20 kB). Your
feedback would be greatly appreciated.

-- 
_____________________________________________________
Michal Zalewski [lcamtuf@bos.bindview.com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=

----- End forwarded message -----

Regards,
	Dmitry

+-------------------------------------------------------------------------+
Dmitry V. Levin     mailto://ldv@alt-linux.org
ALT Linux Team      http://www.altlinux.ru/
Fandra Project      http://www.fandra.org/
+-------------------------------------------------------------------------+
UNIX is user friendly. It's just very selective about who its friends are.

--HcAYCG3uE/tztfnV
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7E0xD9viEa8HiNCkRAovmAJ9Zv5v80gPBf/0i7UUvhiw7hU5TgACfWKlp
4Jns6dRaKeE/tkJELElEH9g=
=7KXe
-----END PGP SIGNATURE-----

--HcAYCG3uE/tztfnV--
_______________________________________________
Devel mailing list
Devel@linux.iplabs.ru
http://www.logic.ru/mailman/listinfo/devel