[PATCH 0/1] *** SUBJECT HERE ***

Thomas Koeller thomas at koeller.dyndns.org
Fri Mar 13 05:51:27 AEDT 2020



On 12.03.20 19:09, Christoph Anton Mitterer wrote:
> On Wed, 2020-03-11 at 21:39 +0100, Thomas Koeller wrote:
> IMO, the idea itself sounds not the best... one must assume that such
> invoked programs are not written "safe"... and thus an attacker could
> potentially cause the system to run such programs a huge number of
> times.
As the anticipated action of the program is to blacklist hosts, this
would require some kind of DDoS attack, using a botnet or the like.

> 
> Maybe they take a while to finish (or in error case: do not finish at
> all) thus causing DoS.
> 
> Not to talk about further complex scenarios where such invocation might
> be used for analysis or other forms of attacks.
While it is certainly true that poorly written programs can do harm, 
please keep in mind that the only way for an attacker to interact with 
the spawned program is to cause it to run. He cannot influence what the 
program does, so any problems it may cause are the writer's fault.

Thomas

