[7439] in bugtraq
Re: Fwd: Any user can panic OpenBSD machine
daemon@ATHENA.MIT.EDU (Cy Schubert)
Tue Jul 28 21:56:19 1998
Date: Tue, 28 Jul 1998 13:41:59 -0700
Reply-To: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
From: Cy Schubert <cschuber@PASSER.OSG.GOV.BC.CA>
X-To: Kragen <kragen@POBOX.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Tue, 28 Jul 1998 12:32:17 EDT." <Pine.GSU.4.02.9807281226520.15906-100000@picard.dnaco.net>

> On Mon, 27 Jul 1998, Theo de Raadt wrote:
> > Whoopty doo -- another way to crash another operating system has been
> > reported. This is twice now that a 'local' OpenBSD crash has made it
> > to bugtraq as if it were a typical exploit. Does this now mean
> > bugtraq is open ground for reporting any way to crash a multiuser
> > operating system? I bet there are plenty of ways to crash any
> > operating system, if you have a local account.
>
> There are operating systems -- KeyKOS and MVS, for example -- in which
> making this impossible is an explicit design goal. I do not believe
> there are any known local-DoS exploits for either of these two OSes.

There have been no published MVS exploits; however, I have seen two
exploits over the years and one TSO UADS exploit (pre-RACF/ACF2/Top
Secret). Regarding exploits of locally written APF authorized
programs, I've only seen one.

What makes MVS (and VM) so impervious to attack is that the S/390
hardware doesn't rely on a stack, making effective buffer overruns
considerably more difficult. (A little off topic :)

Regards,                   Phone:     (250)387-8437
Cy Schubert                Fax:       (250)387-5766
Open Systems Group         Internet:  cschuber@uumail.gov.bc.ca
ITSD                                  Cy.Schubert@gems8.gov.bc.ca
Government of BC