Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

Martin Mares (mj@atrey.karlin.mff.cuni.cz)
Tue, 4 Aug 1998 20:05:35 +0200


> Security patches aren't intended to fix bugs in software. They are a
> recognition of the fact that nobody has mastered the art of writing highly
> secure software.

Yes, but ... doesn't this look like security through obscurity? The no stack
exec patch just makes the stack smashing attacks harder (you need to make use
of code present somewhere else, but it's still doable), not impossible.

Have a nice fortnight

-- 
Martin `MJ' Mares   <mj@ucw.cz>   http://atrey.karlin.mff.cuni.cz/~mj/
Faculty of Math and Physics, Charles University, Prague, Czech Rep., Earth
"The world is coming to an end...  SAVE YOUR BUFFERS!!"
