Re: [Plash] Use Case Plash

plash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Plash] Use Case Plash

From:	John McCabe-Dansted
Subject:	Re: [Plash] Use Case Plash
Date:	Thu, 16 Oct 2008 09:10:28 +0700

On Wed, Oct 15, 2008 at 9:59 PM, Mark Seaborn <address@hidden> wrote:
> Gregory Tappero <address@hidden> wrote:
>
>> I am new to plash and i was wondering if the following use case is a
>> good fit for plash.
>> I would like to put Gnuplot as component of a webservice without the
>> potentially dangerous system calls, as gnuplot > system 'rm -rf /' or
>> other havocs.
>
> That sounds like a good use case.  If Gnuplot turns out to have
> vulnerabilities which are exploited by an attacker, the attacker
> should only get access to whatever Gnuplot has been granted access to.
> Gnuplot is quite old and written in C so I would not be surprised if
> it has buffer overrun vulnerabilities.

Gnuplot is insecure by design. I understand that the maintainers are
not even interested in creating a secure version. Verifying Gnuplot is
almost as hard as C, see e.g.
http://www.ma.utexas.edu/pipermail/maxima/2007/005614.html

There was a discussion of adding Gnuplot to LyX but it was rejected
due to the security issues. Plash would have helped somewhat but LyX
is multiplatform. There was a suggestion that using something like
systrace to block the exec syscall might have helped.

-- 
John C. McCabe-Dansted
PhD Student
University of Western Australia

[Prev in Thread]

Current Thread

[Next in Thread]

[Plash] Use Case Plash, Gregory Tappero, 2008/10/08
- Re: [Plash] Use Case Plash, Mark Seaborn, 2008/10/15
  - Re: [Plash] Use Case Plash, John McCabe-Dansted <=
  - Re: [Plash] Use Case Plash, John McCabe-Dansted, 2008/10/15

Prev by Date: Re: [Plash] Use Case Plash
Next by Date: Re: [Plash] Use Case Plash
Previous by thread: Re: [Plash] Use Case Plash
Next by thread: Re: [Plash] Use Case Plash
Index(es):
- Date
- Thread