Bugtraq mailing list archives
Re: http://www.smashguard.org
From: Leon Harris <leon () quoll com>
Date: Wed, 04 Feb 2004 13:26:29 +0800
Interesting paper.Certain apps (notably java virtual machines) manipulate stack return addresses. I understood that one of the advantages of Immunix's product StackGuard was that you could still run these types of apps by statically linking them against a normal libc (and chrooting them or otherwise confining them). If the protection is mandatory, and in hardware, then surely these types of app wont work.
Cheers, Leon Hilmi Ozdoganoglu wrote: > SmashGuard is a hardware-based solution developed at Purdue >University to prevent Buffer-Overflow Attacks realized by overwriting the >Function Return Address (patent-pending). The design of SmashGuard is a >kernel patch that supports CPUs modified to support SmashGuard protection. > > For details please refer to the TechReports at: > > http://www.smashguard.org > > In addition to details of SmashGuard, the site serves as a comprehensive >resource for buffer overflow attacks/prevention/detection. On "the buffer >overflow page" we provide links to research papers, known exploits, safer >C languages, patents, audit tools and more. If you can think of a site or >resource that should be added please send email to our webmaster >(cyprian () purdue edu) > >-SmashGuard Group >
Current thread:
- http://www.smashguard.org Hilmi Ozdoganoglu (Feb 02)
- RE: http://www.smashguard.org Dave Paris (Feb 03)
- Re: http://www.smashguard.org Nicholas Weaver (Feb 03)
- RE: http://www.smashguard.org Hilmi Ozdoganoglu (Feb 07)
- Re: http://www.smashguard.org Theo de Raadt (Feb 07)
- Re[2]: http://www.smashguard.org Andrey Kolishak (Feb 09)
- Re: http://www.smashguard.org Crispin Cowan (Feb 09)
- Re: http://www.smashguard.org Theo de Raadt (Feb 10)
- Re: http://www.smashguard.org Nicholas Weaver (Feb 09)
- RE: http://www.smashguard.org Dave Paris (Feb 03)
- Re: http://www.smashguard.org Seth Arnold (Feb 05)