Re: Greetings and salutations

If I understand your post right, you want to use Perl to stop buffer overflow or other vulnerabilities in unrelated binaries.

If that's right, then as I see it, you either run said binaries and Perl pipes input to them, as you demonstrate.

Or have Perl spawn them (e.g. via a system) but within a special sandbox (this is very abstract, I am not sure how to do that).

The latter case is interesting because it can check the binary for vulnerabilities before spawning it. Like here: https://stackoverflow.com/a/8783198 . In fact, there must be a tool already for scanning executables or source code for such vulnerabilities, given all this "AI" hype, even if very mechanistic and limited. For one, gcc warns me about copying larger data onto fixed-size arrays.

bw, bliako

Comment on Re: Greetings and salutations \| sudo

Replies are listed 'Best First'.
Re^2: Greetings and salutations \| sudo by zentara (Cardinal) on Feb 07, 2020 at 19:20 UTC
Thank you bliako, nice answer. I was thinking along the lines of using Perl to check the input length of the entry data, and reject it if it is longer than X many bytes. I'm not really a human, but I play one on earth. ..... an animated JAPH	[reply]
Re^3: Greetings and salutations \| sudo \| PerlOS by bliako (Abbot) on Feb 08, 2020 at 12:42 UTC
Then you may want to keep a database of buffer overflow sizes for each of these poisoned applications. Hehe! Be prepared for lots and lots of entries ... unfortunately. This latest sudo/linux vulnerability to go unnoticed for several years plus all the promotion of sudo (virtually every single howto page for OSX/Linux will mention sudo at least 10 times. Some will even say "sudo here is not necessary but it will do no harm".) makes me very sceptical, elevates my usually high scepticality factor by an order of magnitude. Or two. On the other hand I present ... PerlOS - and no that's not this. bw, bliako	[reply]
Re^4: Greetings and salutations \| sudo \| PerlOS by zentara (Cardinal) on Mar 02, 2020 at 22:02 UTC
From what I can see now, the best way to make money programming is secretly put backdoors into software, and then secretly sell the exploit to the 3 letter agencies. Sudo makes it easy. :-) I'm not really a human, but I play one on earth. ..... an animated JAPH	[reply]
Re^5: Greetings and salutations \| sudo \| PerlOS by Anonymous Monk on Mar 03, 2020 at 13:59 UTC