If I understand your post right, you want to use Perl to stop buffer overflow or other vulnerabilities in unrelated binaries.

If that's right, then as I see it, you either run said binaries and Perl pipes input to them, as you demonstrate.

Or have Perl spawn them (e.g. via a system) but within a special sandbox (this is very abstract, I am not sure how to do that).

The latter case is interesting because it can check the binary for vulnerabilities before spawning it. Like here: https://stackoverflow.com/a/8783198 . In fact, there must be a tool already for scanning executables or source code for such vulnerabilities, given all this "AI" hype, even if very mechanistic and limited. For one, gcc warns me about copying larger data onto fixed-size arrays.

bw, bliako

Thank you bliako, nice answer. I was thinking along the lines of using Perl to check the input length of the entry data, and reject it if it is longer than X many bytes.

---

I'm not really a human, but I play one on earth. ..... an animated JAPH

Then you may want to keep a database of buffer overflow sizes for each of these poisoned applications. Hehe! Be prepared for lots and lots of entries ... unfortunately. This latest sudo/linux vulnerability to go unnoticed for several years plus all the promotion of sudo (virtually every single howto page for OSX/Linux will mention sudo at least 10 times. Some will even say "sudo here is not necessary but it will do no harm".) makes me very sceptical, elevates my usually high scepticality factor by an order of magnitude. Or two.

On the other hand I present ... PerlOS - and no that's not this.

bw, bliako

The problem is that almost all distros are forcing users to use sudo now. Even Kali Linux is now requiring the use of sudo. When I run the exploit on my Slackware linux install, I just get a message "be considerate of other users". :-)

---

I'm not really a human, but I play one on earth. ..... an animated JAPH

The problem is that almost all distros are forcing users to use sudo now.

What are the alternatives?

• Handing out the root password to everyone needing it?
• Using su? Full, unrestricted root for everyone? That's nearly as evil as handing out the root password.
• Using doas? The latter looks good, but is BSD-only.

sudo was designed to be safe, including restricting users to run only some commands as root, and optional logging. But it became too complex when it tried to prevent subshells running as root, e.g by injecting libraries (IIRC) and by filtering command parameters.

Using sudo just as a prefix for any command to be run as root is syntactically correct, but in this very common default configuration it is nothing more than a su replacement asking for the user password instead of the root password for all people being part of the wheel group (sudo group on Debian, because wheel is evil for some strange reason).

A safe sudo configuration is possible, but it requires a lot of time thinking through the capabilities of the sudo configuration. See below.

This particular exploit breaks a completely nonsense feature, echoing a * for every character of the password typed in, which is OFF by default. Linux distributions became vulnerable to this exploit when they messed with the configuration of sudo.

sudo has a problem: Too many features. doas fixes that for *BSD.

sudo has two other problems: An unusual config file format and a man page for that starts with "how to read this manual". https://xkcd.com/1343/. My favorite heading is "Quick guide to EBNF". Yes, it may be technically correct, but it is on the far right side of the xkcd.

Alexander

--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

Good one, mike. Talk about missing the point. :eyeroll: