Re: [PATCH] this patch add a possibility to add a random offset to the stack on exec.

From: Alan Cox (alan@lxorguk.ukuu.org.uk)
Date: Thu Aug 23 2001 - 07:47:31 EST


> "Add a possibility to add a random offset to the stack on exec. This makes
> it slightly harder to write generic buffer overflows. This doesn't really
> give any real security, but it raises the bar for script-kiddies and it's
> really cheap."

Its so slight its useless, and the randomness makes it hard to verify you
fixed a problem. Remember once an exploit appears a box will get scanned
hundreds of times - someone will get the right offset 8)

There is another good reason for offseting stacks within the page -
especially the kernel stacks which is to avoid things like each apache
task sleeping with wait queues on the same cache colour
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Thu Aug 23 2001 - 21:00:56 EST