Re: Unexecutable Stack / Buffer Overflow Exploits...

Dan Hollis (goemon@sasami.anime.net)
Fri, 31 Dec 1999 23:14:46 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Krzysztof Halasa: "Re: Announce: initrd-tftp 0.1"
Next message: Martin Dalecki: "Re: Unexecutable Stack / Buffer Overflow Exploits..."
Previous message: Jeff Dike: "Re: [RFC] pte equality tests"
In reply to: Theodore Y. Ts'o: "Re: Unexecutable Stack / Buffer Overflow Exploits..."

On Fri, 31 Dec 1999, Theodore Y. Ts'o wrote:
> This also won't save you if the attacker knews the address of a static
> buffer (which is in the data segment), and can store arbitrary data of
> his/her choosing in that static buffer, and then overwrites the return
> address on the stack to point to the static buffer. But then again, the
> non-executable stack hack won't save you in this case either.

But what will save us is privileges. So programs which dont need them can
drop ability to spawn arbitrary programs, open raw sockets, /etc/passwd
/etc/shadow etc. Suddenly most of the attacks on named dry up...

-Dan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Krzysztof Halasa: "Re: Announce: initrd-tftp 0.1"
Next message: Martin Dalecki: "Re: Unexecutable Stack / Buffer Overflow Exploits..."
Previous message: Jeff Dike: "Re: [RFC] pte equality tests"
In reply to: Theodore Y. Ts'o: "Re: Unexecutable Stack / Buffer Overflow Exploits..."