LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Syndicated Linux News (http://www.linuxquestions.org/questions/syndicated-linux-news-67/)
-   -   LXer: amon.so: Hijacking System Calls For Hardening PHP - Debian Lenny And Squeeze (http://www.linuxquestions.org/questions/syndicated-linux-news-67/lxer-amon-so-hijacking-system-calls-for-hardening-php-debian-lenny-and-squeeze-874386/)

LXer 04-11-2011 03:30 PM

LXer: amon.so: Hijacking System Calls For Hardening PHP - Debian Lenny And Squeeze
 
Published at LXer:

amon.so is a library that integrates with the PHP interpreter and intercepts and manipulates the system calls provided by libc6. It replaces the execve() syscall with a custom function which does extra sanity checking in order to prevent that an attacker could execute arbitrary code on the system exploiting a vulnerability in a web-based application (such as a bugged cms). It's open-source software released under the terms of the GPL license and compatible with PHP running as a CGI process or Apache's DSO module.

Read More...


All times are GMT -5. The time now is 11:48 PM.