On Wed, 3 Jan 2001, Dan Hollis wrote:
> On Wed, 3 Jan 2001, Gerhard Mack wrote:
> > On Wed, 3 Jan 2001, Dan Hollis wrote:
> > > On Wed, 3 Jan 2001, Gerhard Mack wrote:
> > > > Your comparing actual security with stack guarding? Stack guarding mearly
> > > > makes the attack diffrent.. rootkits are already available to defeat it.
> > > url?
> > Ugh do you have any idea how hard it is to find 2 year old exploits?
> > Heres the best I could find on short notice:
> > http://www.insecure.org/sploits/non-executable.stack.problems.html
> > http://darwin.bio.uci.edu/~mcoogan/bugtraq/msg00335.html
>
> You said there were rootkits specifically targetting stackguard.
>
> These URLs simply describe attacks on stackguard, where are the
> stackguard rootkits?
I'll correct myself then: there were non exec stack patches. Keep in
mind part of the problem is that some compilors actually use that feature
look up "trampolines" for more info.
Also I was in error to refer to it as stack guarding.. Stack guard is a
compilor. I acually use libsafe it's preferable for 2 reasons.
1 It's entirely userspace and it works fine.
2 If someone manages to render it useless I'll simply uninstall it.
Gerhard
PS Although personally I think linux reoutation is most harmed by distribs
who insists on installing software with bad security records. But that's
not relevent to linux-kernel.
-- Gerhard Mack<>< As a computer I find your faith in technology amusing.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jan 07 2001 - 21:00:17 EST