Full Disclosure mailing list archives
Re: "Advances in Security" in the Linux Kernel and RedHat idiocy
From: Michal Zalewski <lcamtuf () ghettot org>
Date: Thu, 27 Jan 2005 20:37:19 +0100 (CET)
On Thu, 27 Jan 2005, Brad Spengler wrote:
> I guess anyone who thinks that taking a hardcoded exploit and running it 256 times would always result in a successful exploit is stupid.

It would not always result in a successful exploitation; just as flipping the coin twice is not a guarantee of getting tails once. Other than that, the amount of randomization is indeed puny; but then, even 32-bit randomization is a good defense only in certain situations, and often, can be defeated with some time, aided by luck or a decent NOP-equivalent sled.

--
------------------------- bash$ :(){ :|:&};: --
Michal Zalewski * [http://lcamtuf.coredump.cx]
Did you know that clones never use mirrors?
--------------------------- 2005-01-27 20:31 --
http://lcamtuf.coredump.cx/photo/current/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

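
The arithmetic behind this exchange, as an added example that is not part of the original message: a small model of how likely repeated guesses are to hit a randomized address, useful when sizing randomization entropy or setting crash-rate alert thresholds. It assumes a uniformly random layout; the function names are hypothetical, and the fixed-layout case goes beyond what the message discusses.

```python
import math
import random

def p_success(bits, attempts, sled_slots=1, rerandomized=True):
    """Chance that at least one of `attempts` guesses lands on the target.

    bits         -- bits of address randomization (2**bits possible layouts)
    sled_slots   -- layouts a single guess covers (a sled widens the landing zone)
    rerandomized -- True: fresh layout on every attempt, guesses are independent
                    False: layout stays fixed, so guesses never need repeating
    """
    p = min(1.0, sled_slots / 2 ** bits)
    if rerandomized:
        return 1.0 - (1.0 - p) ** attempts
    return min(1.0, attempts * p)  # assumes non-overlapping guesses

def attempts_for(bits, confidence, sled_slots=1):
    """Attempts needed to reach `confidence` when every attempt is re-randomized."""
    p = min(1.0, sled_slots / 2 ** bits)
    if p >= 1.0:
        return 1
    return math.ceil(math.log(1.0 - confidence) / math.log(1.0 - p))

def simulate(bits, attempts, trials=4000, seed=1):
    """Monte Carlo check of the re-randomized case using one fixed guess (slot 0)."""
    rng = random.Random(seed)
    space = 2 ** bits
    hits = sum(
        any(rng.randrange(space) == 0 for _ in range(attempts))
        for _ in range(trials)
    )
    return hits / trials

if __name__ == "__main__":
    print("coin flipped twice      :", p_success(1, 2))
    print("8 bits, 256 tries       :", round(p_success(8, 256), 4))
    print("8 bits, 256 tries (sim) :", simulate(8, 256))
    print("8 bits, fixed layout    :", p_success(8, 256, rerandomized=False))
    print("8 bits, tries for 99%   :", attempts_for(8, 0.99))
    print("32 bits, tries for 99%  :", attempts_for(32, 0.99))
    print("32 bits + 64Ki-slot sled:", attempts_for(32, 0.99, sled_slots=2 ** 16))
```

Each failed guess in this model is normally a crash, so the attempt counts translate directly into how many abnormal terminations of one service a monitor would see before a likely hit.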
Current thread:
- "Advances in Security" in the Linux Kernel and RedHat idiocy Brad Spengler (Jan 27)
- Re: "Advances in Security" in the Linux Kernel and RedHat idiocy Arjan van de Ven (Jan 27)
- Re: "Advances in Security" in the Linux Kernel and RedHat idiocy Brad Spengler (Jan 27)
- Re: "Advances in Security" in the Linux Kernel and RedHat idiocy Michal Zalewski (Jan 27)
- Re: "Advances in Security" in the Linux Kernel and RedHat idiocy Brad Spengler (Jan 28)
- Re: "Advances in Security" in the Linux Kernel and RedHat idiocy Arjan van de Ven (Jan 27)