Re: [Announcement] "Exec Shield", new Linux security feature

Arjan van de Ven (arjanv@redhat.com)
02 May 2003 19:18:21 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Richard B. Johnson: "Re: is there small mistake in lib/vsprintf.c of kernel 2.4.20 ?"
Previous message: Dipankar Sarma: "Re: [PATCH] reducing overheads in fget/fput"
Next in thread: Ingo Molnar: "Re: [Announcement] "Exec Shield", new Linux security feature"
Reply: Ingo Molnar: "Re: [Announcement] "Exec Shield", new Linux security feature"

This is a MIME-formatted message. If you see this text it means that your
E-mail software does not support MIME-formatted messages.

--=_courier-12559-1051895991-0001-2
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

> Ingo, do you want protection against shell code injection ? Have the
> kernel to assign random stack addresses to processes and they won't be
> able to guess the stack pointer to place the jump. I use a very simple
> trick in my code :

stack randomisation is already present in the kernel, in the form of
cacheline coloring for HT cpus...

--=_courier-12559-1051895991-0001-2
Content-Type: application/pgp-signature; name="signature.asc"
Content-Transfer-Encoding: 7bit
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA+sqhdxULwo51rQBIRAsPbAJ9pvgP1s5HqO1j9dpzhbUlOwtfgGQCfUkQd
xM8TtDZHhGaKtIB/zOKNE+c=
=vAXL
-----END PGP SIGNATURE-----

--=_courier-12559-1051895991-0001-2--

Next message: Richard B. Johnson: "Re: is there small mistake in lib/vsprintf.c of kernel 2.4.20 ?"
Previous message: Dipankar Sarma: "Re: [PATCH] reducing overheads in fget/fput"
Next in thread: Ingo Molnar: "Re: [Announcement] "Exec Shield", new Linux security feature"
Reply: Ingo Molnar: "Re: [Announcement] "Exec Shield", new Linux security feature"