Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Linux Exec Shield (was: Linux (in)security)

From: Chris Ruvolo <chris+fulldisc () ruvolo net>
Date: Wed, 22 Oct 2003 15:27:17 -0700
On Wed, Oct 22, 2003 at 10:16:02AM -0700, Edward W. Ray wrote:

Linux is the hands of someone with no interest or regard for security is the
same as Windows or any other OS in the hands of the same clueless
individual.  The main difference between the Linux and Unix variants (i.e.
BSD, Solaris, HP-UX) is that they have already learned their lesson regarded
buffer overflows and kernel hardening and allowed the user more control in
securing their systems.  M$ has not, and that is unfortunate.


Speaking about kernel hardening, I was wondering if anyone on the list could
comment on Ingo Molnar's Exec Shield Linux kernel patches.

How effective do you think they are?  Would it actually make some holes more
difficult to exploit?  Impossible to exploit?  Obviously its not a 100%
blanket protection against buffer overflows (as acknowledged by the author),
but does anyone here think it could be worthwhile?

Details and patches are here:
        http://people.redhat.com/mingo/exec-shield/ANNOUNCE-exec-shield
        http://people.redhat.com/mingo/exec-shield/

Thanks,
-Chris

Attachment: _bin
Description:

Previous By Date Next
Previous By Thread Next

Current thread: