Bugtraq mailing list archives
Re: Buffer overflow prevention
From: "Matt D. Harris" <vesper () depraved org>
Date: Thu, 14 Aug 2003 17:49:18 -0400
Theo de Raadt wrote:
Solaris 2.6 and above also support a kernel variable which can be set via /etc/system called "noexec_user_stack", which can make the stack for userland processes non-executable by default. Note that this behavior is the default for 64-bit binaries in Solaris 7, 8, and 9, and this kernel variable forces the behavior for 32-bit binaries. I run all sorts of odd software and have never had an issue with having this always turned on for all of my systems.You just don't get it, do you? Are you even reading what people are saying? Protecting just the stack is basically useless. 99.9% of exploits that use the stack can be rewritten to NOT use the stack! But W^X protects THE ENTIRE ADDRESS SPACE.
That's fine. I'm not pointing out this functionality as some sort of be-all-end-all fix for everything. I'm simply pointing out a function that a system provides that people may find useful. And how many script kiddies are resourceful enough to re-write an exploit to *not* use the stack? The fact is, simply preventing the stack isn't perfect. But it's not entirely worthless, either. To call anything that does something useful entirely worthless is just downright silly. In today's day and age, one should do everything possible to protect themselves, whether it's going to be effective 1% of the time of 99% of the time. So, when are you releasing the Solaris kernel module to support the W^X stuff? Someone who's so married to a specific bit of defense would certainly want to release it to as many potential users as possible, whether they use OpenBSD or not, right? :-)
Current thread:
- Re: Buffer overflow prevention, (continued)
- Re: Buffer overflow prevention Crispin Cowan (Aug 18)
- Re: Buffer overflow prevention Mark Handley (Aug 18)
- Re: Buffer overflow prevention Crispin Cowan (Aug 18)
- Heterogeneity as a form of obscurity, and its usefulness Bob Rogers (Aug 22)
- Re: Heterogeneity as a form of obscurity, and its usefulness Crispin Cowan (Aug 22)
- Re: Heterogeneity as a form of obscurity, and its usefulness Nicholas Weaver (Aug 22)
- Re: Buffer overflow prevention Patrick Dolan (Aug 14)
- Re: Buffer overflow prevention Theo de Raadt (Aug 18)
- Re: Buffer overflow prevention Peter Busser (Aug 18)
- Re: Buffer overflow prevention noir (Aug 18)
- Re: Buffer overflow prevention Mariusz Woloszyn (Aug 18)