Bugtraq mailing list archives

Re: Smashing the Stack: prevention?

From: tqbf () ENTERACT COM (Thomas H. Ptacek)
Date: Sun, 27 Apr 1997 23:42:03 -0500

1.  'you gotta change the code'


These are just plugs in the bursting dike. The problem is not that
privileged code is insecure. The problem is that there is too much
privileged code.

----------------
Thomas Ptacek at EnterAct, L.L.C., Chicago, IL [tqbf () enteract com]
----------------
"If you're so special, why aren't you dead?"

Current thread:

Smashing the Stack: prevention? nate (Apr 27)
- Re: Smashing the Stack: prevention? Thomas H. Ptacek (Apr 27)
  - Re: Smashing the Stack: prevention? Russell Coker (Apr 28)
  - Possibly exploitable buffer overflow in Solaris 2.5.1 ps Joe Zbiciak (Apr 28)
    - Re: Possibly exploitable buffer overflow in Solaris 2.5.1 ps Geoffrey KEATING (Apr 29)
    - Digital UNIX/Irix mesg problem Tom Leffingwell (Apr 29)
    - Re: Digital UNIX/Irix mesg problem John Sheehy (Apr 29)
    - Access control on W3C httpd server Peter Lord (Apr 30)
    - vulnerabilities in kerberos David Sacerdote (Apr 29)
    - Sun Security Bulletin #00139 Sun Security Coordination Team (Apr 29)
  - SMASHING THE STACK: PREVENTION? massimo at vnet.ibm.com (Apr 28)
    - Re: SMASHING THE STACK: PREVENTION? Alex Belits (Apr 28)

(Thread continues...)