DaemonForums  

#1  15th October 2008  Mr-Biscuit
vbox: possible exploit

Problems: VirtualBox compiler kBuild changes permissions on already installed files. USB linked between host and guest allows read/write/access permissions to such devices. Current Flash exploit: cam jacking.

If the guest machine is Windows and the browser is IE or Firefox unsecured, a malicious person can take control of the device that is linked to the guest.

#2  16th October 2008  Mr-Biscuit

Now I am glad for BSD security. These weaknesses open up a world of exploits.

#3  16th October 2008  TerryP

And VirtualBox doesn't run on most BSDs *yet*
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.

#4  17th October 2008  Mr-Biscuit

The first problem I was shown with the vbox was the kbuild system. It changes permissions on a good list of binaries. The second problem was that it won't run on amd64. A Debian user posted his output and the answer basically was, "Sorry, can't handle it." (He was trying to run a 32-bit system with a host that had a 64-bit environment. Since vbox needs 32-bit libraries to run, it hasn't been ported yet. I had the exact same problem as he did when trying to build it on FreeBSD amd64 release 7. If two different OSes with the same architecture have the same build errors, your application hasn't been ported. This will cause a problem in future releases.) The third problem was shown on an Arch Linux wiki when a developer stated that a security hole is opened up when you give permissions to a possibly unsecured source for a USB device. I remembered the Flash exploit, the instability of IE, and the fact that Windows has no real user control. Now take all of that plus that Linux allows any user access to root.

The exploit is easy to set up.

In fact, any exploit which allows access to a device can be passed to the host. I call these "tunnel exploits."
Security holes are not patched by the developers nor are they using the FreeBSD stable release to build.

Another problem that was pointed out to me by a FreeBSD hacker is that some of the newer parts of kbuild are similar to FreeBSD make. Code stealing, hmm? License breaking, hmm? Wasn't there something recently about DeRaadt and the GPL and now this?

Last edited by Mr-Biscuit; 17th October 2008 at 11:16 AM.

#5  17th October 2008  adamk

Quote:
Originally Posted by Mr-Biscuit
Another problem that was pointed out to me by a FreeBSD hacker is that some of the newer parts of kbuild are similar to FreeBSD make. Code stealing, hmm? License breaking, hmm? Wasn't there something recently about DeRaadt and the GPL and now this?
'similar to' is now the same as code stealing and license breaking? That's quite a conclusion you've made there.

Adam

#6  17th October 2008  BSDfan666

s/now/not ;-)

Just lending you a hand adam.

#7  18th October 2008  Mr-Biscuit

A little extreme, perhaps but.....

"On the other hand (I'm not a makefile expert), browsing through
http://svn.netlabs.org/kbuild/wiki/kmk it looks like most "new" features
are present in FreeBSD's make, though in a different form (and were
probably implemented ages ago so they just went ahead and reinvented the
wheel again). For example:

# Explicit multi-target rules, i.e. explicit make rules that output more
than one file.

make(1): "Dependency lines consist of one or more targets, an operator... "

# Prepend assignment operator

I think you can do this with regular variable expansion.

# The special .NOTPARALLEL goal has been extended...

The .NOTPARALLEL goal exists, but it looks like it's not "extended".
Anyway it doesn't matter."


There is too much in common.


"FreeBSD's make doesn't have many builtin functions but arithmetic
operations work by default (".if $a < 10"). There are no binary
operators. Some string functions are present as operators (like "O -
Order every word in the variable alphabetically"). You can simulate many
functions and operators by invoking shell scripts.

# A bunch of builtin utilities which will be invoked without spawning
new process or shell. Most of these are taken from BSD. (cp, echo, cat,
append...)

Though it says they came from BSD, I can't find anything about builtin
utilities in make(1). Just use regular shell utilities."


It isn't released under a BSD license.

"VirtualBox is a family of powerful x86 virtualization products for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software under the terms of the GNU General Public License (GPL). See "About VirtualBox" for an introduction."


This is my opinion.

#8  18th October 2008  BSDfan666

You can't copyright ideas, when you do, it's called a patent.. and as you know, patents are lame.

Anyway, if you think taking an idea and reimplementing it is bad, you might want to do a little more research..

#9  18th October 2008  Mr-Biscuit

I'll end my part in this post with,
"Give credit where credit is due."
No BSD license for BSD parts used, no credit given. License isn't followed, sounds like stealing to me. Re-implement? Yes, by all means but refer back to the previous statement.

18th October 2008  TerryP

From the FreeBSD src/COPYRIGHT.

Quote:
Originally Posted by eula
Copyright (C) 1992-2008 The FreeBSD Project. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
This tells me, show the code's origin and generic "don't sue us" message; and do whatever the hell you want, even eat it like cheese.


Most of the older stuff (cat, head, etc) still has a fourth clause about not using the name of the University nor the names of its contributors as an endorsement without permission. Some even older stuff still has the removed 3rd clause still sitting there and a note in src/COPYING that it is nullified.


So, as long as they have not forgotten the 2nd clause of the license, they are not likely doing anything wrong IMHO. And apparently, it's fairly obvious there is BSD code used, which aside from the disclaimer serves the main point of the 1st clause.



BSD License != RMS License