On Fri, 20 Jun 2003, Greg Hudson wrote:
> On Thu, 2003-06-19 at 07:42, Bob Aiello wrote:
> > modern CM tools keep the audit log as transaction records in a
> > database (instead of a physical file).
> >
> > Since the only interface is via the tool itself, it is pretty darned hard to
> > audit the history log.
>
> That's all? Because the file format isn't plain ASCII, you think it's
> more secure?
>
> It only takes one mildly clueful hacker about half an hour (or a little
> more time, if they don't have a copy of the DB software to hack on) to
> write a script to modify the audit log or remove data from the
> repository, and then every two-bit script kiddie can do the same. The
> community that can develop buffer overflow attacks is not going to be
> stymied by a well-documented binary file format, or even an undocumented
> one.

Just to make this clear: A few years ago, in the space of 3 weeks in
between classes, I reverse engineered Microsoft's PDB codeview format (it
pretends to be documented but they consider it internal so they don't
give anywhere near the necessary info to do something useful with it), as
well as their entire C++ name mangling scheme, and extended GDB to be able
to handle both.

I was just bored during that time, too. It's not like anyone was paying
me.

Entire communities have grown up around modifying undocumented data files
and formats for various games. Heck, my brother, not even close to a
programmer, used to sit with a hex editor and figure out how to hack the
save files for whatever game he was playing at the moment.

This was before one had tools besides a good hex editor that you could use
on binary files, like scripting languages supporting unpack operations,
etc.
Received on Sat Jun 21 08:01:10 2003