Re: 3.0 wishlist Was: Overview of 2.2.x goals?

linux kernel account (
Thu, 22 Jan 1998 13:39:53 -0500 (EST)

On 22 Jan 1998, Andi Kleen wrote:

> Dan Hollis <> writes:
> > > * Anti-exec-stack option
> >
> > We *really* need this. Doesn't solaris already have it?
> This will only stop current cut'n'paste exploits. When Linux has it as
> standard exploit writers will quickly adapt to it (as shown numerous times),
> and you have the same situation.
> -A.

Although, you are partialy right, you have failed to consider all that
goes into that form of exploit:

*there must be a bin that has an overflow
*it must be suid
*the attacker must be able to run it
*the attacker must either create an exploit or get a canned one

With the patch

*the attacker must form the attack into one of the few ways allowed by the
stack patch..

I would guess that very few apps can be exploited with this patch..

When the orignal patch was posted, I offered $50 to anyone who could
produce an exploit for any version of linux running that kernel.. No one
took me up on it..

So, while not perfect, it does make it harder..