> On Fri, 2 May 2003, Florian Weimer wrote:
>
>> Davide Libenzi <davidel@xmailserver.org> writes:
>>
>> > Ingo, do you want protection against shell code injection ? Have the
>> > kernel to assign random stack addresses to processes and they won't be
>> > able to guess the stack pointer to place the jump.
>>
>> If your software is broken enough to have buffer overflow bugs, it's
>> not entirely unlikely that it leaks the stack address as well (IIRC,
>> BIND 8 did).
>
> Leaking the stack address is not a problem in this case, since the next
> run will be very->very->very likely different.
Usually, you can't afford a fork() and execve() for each request you
process. 8-(
(In addition, GCC might optimize away those alloca() calls.)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/