Re: 3.0 wishlist Was: Overview of 2.2.x goals?

linux kernel account (
Thu, 22 Jan 1998 13:47:48 -0500 (EST)

On Thu, 22 Jan 1998 wrote:
> It has side effects. It needs an ugly special case to detect legitimate
> uses of stack code (e.g. gcc trampolines), which may fail with more
> obscure compilers or interpreters that do this. My point actually was
> only that the security improvement of this change is not as high as many
> think.

It doesn't have side effects if it's turned off.. :)

> > This is an imperfect world, and rejecting something because it isn't
> > perfect doesn't help. It won't *force* applications to be more
> > careful, which is what some may hope for.
> That is irrelevant, because it needs only a slight adaption by the
> exploit writers.

Absoulty Untrue. I offered cash, a few said they'd try. I got no
responce.. If it were that easy.. :)

A 'slight adaption' isn't always possible when you are trying to overflow
a buffer..

> >
> > "The point of locks on your house is not to stop burglars, but to make
> > it harder for them so that they try the next house down the street".
> "Using antibiotica carelessly harms more in the long run, because the
> bacteria becomes immune, so it won't work when you really need it"
> (OK, not 100% accurate)
Actually, 100% unrelated.
> -A.