So what do you do when somebody comes up with a crack that instead of
writing code to the stack just modifies the return address to point to
some known point in the shared library code or something like that?
Then posts it on the cracker lists, and suddenly your precious patch does
nothing at all for you?
The reason I don't like the patch is that it's a classic example of
security by obscurity. It's the Windows NT approach to security, and the
fact that Solaris does it too does not impress me in the least.
Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html