Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Meelis Roos: "Re: IDE drive data transfer rates, kernel optimization?"
• Previous message: H. Peter Anvin: "Re: SMBFS: Question..."

> But there is currently already a patch out there for GCC, which allows
> you to enable bounds checking on arrays. So If You where a responsible
> Linux distribution creator --- get this patch and compile all the ftpd
> or whotever with it enabled.

<ObPlug>

Here at OGI, the immunix project [1] is working on assembling a complete
RedHat 5.1 distribution with everything compiled with our StackGuard
compiler. [2]

</ObPlug>

[1] http://www.cse.ogi.edu/DISC/projects/immunix/
[2] http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/

----
Aaron J. Grier | agrier@cse.ogi.edu
"I generally find that a goat isn't really necessary, but bloodying
one's fingers while installing the system and SCSI chain does seem to
correlate with more reliable operation." -- Leonard N. Zubkoff

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

• Next message: Meelis Roos: "Re: IDE drive data transfer rates, kernel optimization?"
• Previous message: H. Peter Anvin: "Re: SMBFS: Question..."