[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Re: bzip2 bombs still causes problems in antivirus-software

To: full-disclosure@lists.netsys.com, bugtraq@securityfocus.com
Subject: RE: [Full-Disclosure] Re: bzip2 bombs still causes problems in antivirus-software
From: Steve Wray <steve.wray@paradise.net.nz>
Date: Sun, 11 Jan 2004 09:24:13 +1300

> Dr. Peter Bieringer
> 
> Steve Wray schreibt: 
> 
> > It would probably be a good idea to implement ulimit
> > restrictions on the user that the software runs as.
> 
> Mostly "root"...and this will cause sure other fun, looks 
> like some software didn't expect that file system runs out-of-space
and still 
> hang and have no fail-safe mechanism here... 

If your antivirus software (which, by definition, is routinely exposed
to 'malware') runs as root, then you have worse potential issues than
just a bzip bomb consuming resources.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] Re: bzip2 bombs still causes problems in antivirus-software
  - From: "Dr. Peter Bieringer" <pbieringer@aerasec.de>

References:
- [Full-Disclosure] Re: bzip2 bombs still causes problems in antivirus-software
  - From: "Dr. Peter Bieringer" <pbieringer@aerasec.de>

Prev by Date: Re: [inbox] Re: [Full-Disclosure] 3 new MS patches next week... but none fix
Next by Date: shell command (was: [Full-Disclosure] gcc: Internal compiler error: program cc1 got fatal signal 11)
Previous by thread: [Full-Disclosure] Re: bzip2 bombs still causes problems in antivirus-software
Next by thread: RE: [Full-Disclosure] Re: bzip2 bombs still causes problems in antivirus-software
Index(es):
- Date
- Thread