security - What condition in which a user application , or more detaily a process run as root in UNIX or SYSTEM in Windows -


what condition in user application , or more detaily process run root in unix or system in windows, might become target of buffer overflow attacks run shellcode. see on net, simple c as

#include <stdio.h> #include <string.h> void func(char *name) { char buf[100]; strcpy(buf, name); printf("welcome %s\n", buf); }  int main(int argc, char *argv[]) { func(argv[1]); return 0; } 

it can become premise buffer overflow attack , running shellcode in unix. focusing question on program or process permission

there quite few attack vectors when looking @ privileged processes privileged processes. first setuid bit, regular user invokes setuid application , acquires effective userid of owner of file. next way comes mind via linux capabilities. capabilities more granular version of setuid, see man getcap more information. 1 additional way via network or ipc interfaces such unix sockets, named pipes, tcp or udp sockets, etc) exposed long-living processes (daemons)


Comments

Popular posts from this blog

php - Vagrant up error - Uncaught Reflection Exception: Class DOMDocument does not exist -

vue.js - Create hooks for automated testing -

Add new key value to json node in java -