plash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Plash] Use Case Plash


From: John McCabe-Dansted
Subject: Re: [Plash] Use Case Plash
Date: Thu, 16 Oct 2008 09:13:44 +0700

On Wed, Oct 15, 2008 at 9:59 PM, Mark Seaborn <address@hidden> wrote:
> Gregory Tappero <address@hidden> wrote:
>
>> I am new to plash and i was wondering if the following use case is a
>> good fit for plash.
>> I would like to put Gnuplot as component of a webservice without the
>> potentially dangerous system calls, as gnuplot > system 'rm -rf /' or
>> other havocs.
>
> That sounds like a good use case.  If Gnuplot turns out to have
> vulnerabilities which are exploited by an attacker, the attacker
> should only get access to whatever Gnuplot has been granted access to.
> Gnuplot is quite old and written in C so I would not be surprised if
> it has buffer overrun vulnerabilities.

Gnuplot is insecure by design. I understand that the maintainers are
not even interested in creating a secure version. Verifying Gnuplot is
almost as hard as C, see e.g.
http://www.ma.utexas.edu/pipermail/maxima/2007/005614.html

There was a discussion of adding Gnuplot to LyX but it was rejected
due to the security issues. Plash would have helped somewhat but LyX
is multiplatform. There was a suggestion that using something like
systrace to block the exec syscall might have helped.

-- 
John C. McCabe-Dansted
PhD Student
University of Western Australia




reply via email to

[Prev in Thread] Current Thread [Next in Thread]