Dailydave mailing list archives

Re: Theo's presentation on exploit prevention


From: Chris Kuethe <chris.kuethe () gmail com>
Date: Mon, 13 Sep 2004 18:37:08 -0600

One CompSci instructor I know says that OpenBSD is a lot less useful
as a teaching OS now because the compiler can do some bounds checking
and many/most overflows don't work. In some cases the compiler will
flat out tell you that you're trying to sprintf too much into a
buffer. This makes it tough for many of the common beginner bugs to
exist and not break the program at the exact location of the bug... as
opposed to somewhere down the road when all the memory is now corrupt.

Of course it still has value as an example of how to do things properly
(privilege revocation, for example).

One simple way to see it in action is to try the examples from stack
smashing for fun and profit. Maybe grab all your favorite buggy
daemons and exploits and see if the bug still works. I'm sadly very
accustomed to seeing my syslogs full of "3rdpartyprogram:
stack_smash_handler: stack overflow in function foo"

In short "it works for me".

On Mon, 13 Sep 2004 20:12:22 -0400, Mordy Ovits <movits () bloomberg com> wrote:
Would anyone here care to comment on Theo's claims in this presentation?:
http://cvs.openbsd.org/papers/auug04/index.html

Particularly the claim in the summary:
http://cvs.openbsd.org/papers/auug04/mgp00034.html

"These changes really stop attacks."

Do they just make it more difficult?  Or do they really deprecate stack and
heap smashing attacks?

Mordy
--
Mordy Ovits
Network Security
Bloomberg L.P.

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave




-- 
GDB has a 'break' feature; why doesn't it have 'fix' too?
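
An added example, not part of the original message: a small triage script that tallies the stack_smash_handler syslog entries quoted above per program and function, so repeated aborts in one function stand out. The sample lines are constructed, and the timestamp/host/pid prefix is an assumed BSD syslog layout; only the "program: stack_smash_handler: stack overflow in function foo" text comes from the post.

```python
import re
from collections import Counter

# Constructed sample lines. The timestamp/host/[pid] prefix is an assumed
# BSD-syslog layout; only the "prog: stack_smash_handler: ..." text is
# taken from the post above.
SAMPLE_LOG = """\
Sep 13 18:01:12 gw ftpd[2231]: stack_smash_handler: stack overflow in function parse_cmd
Sep 13 18:01:40 gw sshd[511]: Accepted publickey for chris from 192.0.2.10
Sep 13 18:02:03 gw ftpd[2240]: stack_smash_handler: stack overflow in function parse_cmd
Sep 13 18:09:55 gw 3rdpartyprogram: stack_smash_handler: stack overflow in function foo
Sep 13 18:10:02 gw notes: user wrote "stack overflow in function foo" in a ticket
"""

# The handler name must follow the program tag directly, so free text that
# merely quotes the phrase (last sample line) is not counted.
PATTERN = re.compile(
    r"(?P<prog>[^\s:\[\]]+)(?:\[(?P<pid>\d+)\])?: "
    r"stack_smash_handler: stack overflow in function (?P<func>\S+)\s*$"
)

def parse_line(line):
    """Return (program, pid or None, function) for a handler abort, else None."""
    m = PATTERN.search(line)
    if not m:
        return None
    pid = int(m.group("pid")) if m.group("pid") else None
    return m.group("prog"), pid, m.group("func")

def tally(lines):
    """Count handler aborts per (program, function) pair."""
    counts = Counter()
    for line in lines:
        hit = parse_line(line)
        if hit:
            counts[(hit[0], hit[2])] += 1
    return counts

def repeat_offenders(counts, threshold=2):
    """Pairs seen at least `threshold` times: the same function aborting repeatedly."""
    return sorted(k for k, n in counts.items() if n >= threshold)

if __name__ == "__main__":
    for (prog, func), n in tally(SAMPLE_LOG.splitlines()).most_common():
        print(f"{n:3d}  {prog}  {func}")
```
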