Bugtraq mailing list archives
Re: Buffer overflow prevention
From: Shaun Clowes <shaun () securereality com au>
Date: Fri, 15 Aug 2003 09:27:24 +1000
On Thu, Aug 14, 2003 at 07:26:47PM +0200, Mariusz Woloszyn wrote:
On Thu, 14 Aug 2003, Stephen Clowater wrote:Also, you can use chpax, and turn on a non-executable stack, and with a small amount of voodoo (in tracking down the binarys and .so's that need the stack, wich typically is only a single binary or .so file, wich you can find with ptrace, strace, or ltrace) you can have all of your stuff run with a non-executeable stack, thus making stack smashing impossible. Nothing can execute off your stack so a malicous person can override all the addresses he wants, his code cant run off your stack.
Perhaps I'm the only one who feels this way, but I believe that the vast majority of the exploitation of systems is being performed by people with no knowledge of how to write an exploit and that the vast majority of exploits are fragile. Doing anything that makes you different from every other installation of Linux/HPUX/Solaris/InsertOSHere will drastically decrease the changes of any point and click exploit working against you. Could a determined (and knowledgable) attacker still get through? Sure. But if we're talking protections that take very little effort to implement, have a minor performance impact and will save your skin some of the time, it's obvious that it's worth deploying them. As long as you're not kidding yourself that you're then totally secure. Its kind of reminiscent of that old joke about the two guys running away from the lion. You don't have to beat the lion, just the other person. Cheers, Shaun
Current thread:
- Re: Buffer overflow prevention, (continued)
- Re: Buffer overflow prevention Jedi/Sector One (Aug 14)
- Re: Buffer overflow prevention Peter Busser (Aug 15)
- Re: Buffer overflow prevention Jedi/Sector One (Aug 14)
- Re: Buffer overflow prevention Miod Vallat (Aug 14)
- Re: Buffer overflow prevention Peter Busser (Aug 15)
- Re: Buffer overflow prevention stealth (Aug 15)
- Re: Buffer overflow prevention Mark Tinberg (Aug 18)
- Re: Buffer overflow prevention Crispin Cowan (Aug 18)
- Re: Buffer overflow prevention Peter Busser (Aug 18)
- Re: Buffer overflow prevention Crispin Cowan (Aug 15)
- Re: Buffer overflow prevention Shaun Clowes (Aug 18)
- Re: Buffer overflow prevention Crispin Cowan (Aug 18)
- Re: Buffer overflow prevention Mark Handley (Aug 18)
- Re: Buffer overflow prevention Crispin Cowan (Aug 18)