On Fri, 2005-07-15 at 13:56 +0530, RVK wrote:How about using ProPolice etc ?
except this is no longer true really ;)Still is very new....not every one can immediately start using gcc 4.
randomisation for example makes this a lot harder to do.
gcc level tricks to prevent buffer overflows are widely in use nowadays
too (FORTIFY_SOURCE and -fstack-protector). The combination of this all
makes it a LOT harder to actually exploit a buffer overflow on, say, a
distribution like Fedora Core 4.
it;s also available for gcc 3.4 as patch (and included in FC3 and RHEL4
for example)
so it's new? so what? doesn't make it less true that it nowadays is a
lot harder to exploit such bugs on recent distros.
.