> On Wed, 3 Jan 2001, Gerhard Mack wrote:
> > On Wed, 3 Jan 2001, Dan Hollis wrote:
> > > On Wed, 3 Jan 2001, Gerhard Mack wrote:
> > > > Your comparing actual security with stack guarding? Stack guarding mearly
> > > > makes the attack diffrent.. rootkits are already available to defeat it.
> > > url?
> > Ugh do you have any idea how hard it is to find 2 year old exploits?
> > Heres the best I could find on short notice:
> > http://www.insecure.org/sploits/non-executable.stack.problems.html
> > http://darwin.bio.uci.edu/~mcoogan/bugtraq/msg00335.html
> You said there were rootkits specifically targetting stackguard.
> These URLs simply describe attacks on stackguard, where are the
> stackguard rootkits?
I'll correct myself then: there were non exec stack patches. Keep in
mind part of the problem is that some compilors actually use that feature
look up "trampolines" for more info.
Also I was in error to refer to it as stack guarding.. Stack guard is a
compilor. I acually use libsafe it's preferable for 2 reasons.
1 It's entirely userspace and it works fine.
2 If someone manages to render it useless I'll simply uninstall it.
PS Although personally I think linux reoutation is most harmed by distribs
who insists on installing software with bad security records. But that's
not relevent to linux-kernel.
-- Gerhard Mack
<>< As a computer I find your faith in technology amusing.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to firstname.lastname@example.org Please read the FAQ at http://www.tux.org/lkml/