[snip]
> Where do you think script kiddies get their exploit scripts from? They
> don't write them themselves: The real crackers share them with the
> community. Just like the hacker community shares patches and cool
> programs. So you can keep out 99.99% only until one of the 0.01% finds out
> a way around it. The danger of "nonexecutable stack" is that it creates a
> sense of security, which might be justified as long as it is rare. Once it
> becomes widespread, it will be useless in short time, and _everybody_ will
> have to pay the cost for nothing at all, while feeling smugly secure.
Here is where the real argument lives.
You are claiming that the patch adds no real security. You clame it does
nothing more then moving to a non-popular arch would do.
I disagree. The patch actually makes creating this type of attack much
harder, and in some cases impossible.
The effectiveness of this patch comes from two places:
A) It's rare and breaks all existing attacks.
B) I actually makes that class of attack harder to accomplish.
Just because A will go away if this patch were everywhere, you still
derrive additional security from B.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/