Re: Pentium DEATH in user-mode
Erik Corry (erik@arbat.com)
Mon, 10 Nov 1997 00:56:55 +0100 (MET)
In article <19971109182759.27004@msu.edu> you wrote:
> > Note that this bug means ANY buffer overflow bug, even on non-setuid apps,
> > is now an entry point for an attacker to crash your machine. Got users on
> > your system who wrote their own CGI apps in C? Ouch. Let's make that
> > non-executable stack patch part of the mainstream kernel.
> It would prolly already be in the kernel if it didn't break trampolines.
If you go to <http://www.linuxhq.com/patch/20-p0491.html>
and download it you will see in the doc that it doesn't
break trampolines.
--
Erik Corry erik@arbat.com