Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

Dean Gaudet (dgaudet-list-linux-kernel@arctic.org)
Tue, 4 Aug 1998 14:35:17 -0700 (PDT)


On Tue, 4 Aug 1998, David S. Miller wrote:

> So the argument goes that the people capable of coding exploits can
> now just write one which deals with the stack execute protection cases
> too, then what do you do?

It's an arms race no matter how you look at it. Firewalling is in the
kernel. If systems were built to be secure in the first place it wouldn't
be needed. But it's there anyhow. Does that let folks worry a bit less
about things inside their firewall? Yes. Does that lead to less secure
systems inside the firewall? Yes. How is it different from
no-stack-exec?

It's all about lowering the limbo bar another notch. When other forms of
exploits show up we can invent another solution to avoid them. We've got
firewalls, encryption, and no-stack-exec in our arsenal now. I use 'em all
on my systems, and I sleep a hell of a lot better.

What exactly is unclean about the no-stack-exec patch? It's pretty hard
to get everything working the way the patch does -- it handles all the
trampoline examples you've given so far (a call onto the stack is
different from a return onto the stack). The x86 doesn't have X bits in
the paging hardware; the only way to restrict execution is to twiddle
CS... it's an ugly problem.

Dean

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html