Dailydave mailing list archives
Re: Theo's presentation on exploit prevention
From: Chris Kuethe <chris.kuethe () gmail com>
Date: Mon, 13 Sep 2004 18:37:08 -0600
One CompSci instructor I know says that OpenBSD is a lot less useful as a teaching OS now because the compiler can do some bounds checking and many/most overflows don't work. In some cases the compiler will flat out tell you that you're trying to sprintf too much into a buffer. This makes it tough for many of the common beginner bugs to exist and not break the program at the exact location of the bug... as opposed to somewhere down the road when all the memory is now corrupt. Of course it still has value as an example how to do things properly (privilege revokation, for example). One simple way to see it in action is to try the examples from stack smashing for fun and profit. maybe grab all your favorite buggy daemons and exploits and see if the bug still works. I'm sadly very accustomed to seeing my syslogs full of "3rdpartyprogram: stack_smash_handler: stack overflow in function foo" In short "it works for me". On Mon, 13 Sep 2004 20:12:22 -0400, Mordy Ovits <movits () bloomberg com> wrote:
Would anyone here care to comment on Theo's claims in this presentation?: http://cvs.openbsd.org/papers/auug04/index.html Particularly the claim in the summary: http://cvs.openbsd.org/papers/auug04/mgp00034.html "These changes really stop attacks." Do they just make it more difficult? Or do they really deprecate stack and heap smashing attacks? Mordy -- Mordy Ovits Network Security Bloomberg L.P. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
-- GDB has a 'break' feature; why doesn't it have 'fix' too? _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Theo's presentation on exploit prevention Mordy Ovits (Sep 13)
- Re: Theo's presentation on exploit prevention Kurt Seifried (Sep 13)
- Re: Theo's presentation on exploit prevention Halvar Flake (Sep 13)
- Re: Theo's presentation on exploit prevention Rodney Thayer (Sep 13)
- Re: Theo's presentation on exploit prevention Chris Kuethe (Sep 13)
- Re: Theo's presentation on exploit prevention Rodney Thayer (Sep 13)
- Re: Theo's presentation on exploit prevention Halvar Flake (Sep 13)
- Re: Theo's presentation on exploit prevention Kurt Seifried (Sep 13)
- Message not available
- Re: Theo's presentation on exploit prevention Matt Hargett (Sep 14)
- <Possible follow-ups>
- Theo's presentation on exploit prevention pageexec (Sep 15)
- Re: Theo's presentation on exploit prevention Dave Aitel (Sep 15)