Postgres syscalls
Hello I'm an Italian student of computer science at
University of Rome "La Sapienza". I've to analyze some
daemons which run under root privileges with a tool
developed by my departement. This tool intercepts
critical syscalls, like Execve, and blocks illegal
invocation of that primitives (E.g. Execve("/bin/sh"))
performed by a daemon which runs under root
privileges. This approach blocks buffer overflow
attacks before they can complete (or I hope so). Now,
the problem is that postgres doesn' t run under root
privileges and that the tool intercepts only the
syscalls invoked by a process with root privileges. Is
possible to force postgres to run under root
privileges? How can be done? I know my request is
anomalous but i've to do this for my laboratory
project course. I should be very grateful if you'll
answer as soon as possible.
Thank you.
Diego Talucci
______________________________________________________________________
Yahoo! Foto: salva, ritocca, condividi e ordina stampe professionali
http://it.yahoo.com/mail_it/foot/?http://it.photos.yahoo.com
On Fri, 13 Dec 2002, [iso-8859-1] Diego T. wrote:
Hello I'm an Italian student of computer science at
University of Rome "La Sapienza". I've to analyze some
daemons which run under root privileges with a tool
developed by my departement. This tool intercepts
critical syscalls, like Execve, and blocks illegal
invocation of that primitives (E.g. Execve("/bin/sh"))
performed by a daemon which runs under root
privileges. This approach blocks buffer overflow
attacks before they can complete (or I hope so). Now,
the problem is that postgres doesn' t run under root
privileges and that the tool intercepts only the
syscalls invoked by a process with root privileges. Is
possible to force postgres to run under root
privileges? How can be done? I know my request is
anomalous but i've to do this for my laboratory
project course. I should be very grateful if you'll
answer as soon as possible.
You could probably just hack out the checks in main/main.c
and recompile, but postgres does call system and such to do
things (like create databases) so I'm not sure it'd be terribly
useful for you.
On 12 Dec 2002 at 16:09, Stephan Szabo wrote:
On Fri, 13 Dec 2002, [iso-8859-1] Diego T. wrote:
Hello I'm an Italian student of computer science at
University of Rome "La Sapienza". I've to analyze some
daemons which run under root privileges with a tool
developed by my departement. This tool intercepts
critical syscalls, like Execve, and blocks illegal
invocation of that primitives (E.g. Execve("/bin/sh"))
performed by a daemon which runs under root
privileges. This approach blocks buffer overflow
attacks before they can complete (or I hope so). Now,
OK..
the problem is that postgres doesn' t run under root
privileges and that the tool intercepts only the
syscalls invoked by a process with root privileges. Is
possible to force postgres to run under root
You could probably just hack out the checks in main/main.c
and recompile, but postgres does call system and such to do
things (like create databases) so I'm not sure it'd be terribly
useful for you.
I agree. Not running root is a god idea from secutiry point of view. That way
any buffer overflow attacks would be half dead as it is.
Secondly In my understanding, buffer overflow attacks can be stopped very
effectivelyif compiler has stack smashing patches. ( Or is it kernel as well?)
And do look at strace. I feel you are shooting at same target..
HTH
Bye
Shridhar
--
Grinnell's Law of Labor Laxity: At all times, for any task, you have not got
enough done today.