Bugtraq mailing list archives

fixing all buffer overflows --- random magin numbers

From: joel () EXC COM (Dr. Joel M. Hoffman)
Date: Sat, 11 Sep 1999 21:37:00 EDT


I was thinking --- it wouldn't be too hard to make buffer overflow
attacks impossible.  The basic idea is to do away with binary
compatibility.

In particular, I was thinking that part of building a kernel would
involve assigning a random number to each syscall, and creating a
syscall.h file with these random numbers.  A binary would only run if
it was compiled with the proper syscall.h, so all binaries would have
to be recompiled for the new kernel, but then, syscall.h could be
removed, and the system would be impervious to buffer overflow
attacks.  (One step further would involve random magic numbers in
every function call.)

I would be happy to give up binary compatilibyt for the added security
it would add.

Comments?

-Joel Hoffman
(joel () exc com)

Current thread:

Re: Root shell vixie cron exploit, (continued)
- Re: Root shell vixie cron exploit Seva Gluschenko (Sep 01)
  - Re: Root shell vixie cron exploit Michal Zalewski (Sep 01)
  - Re: Root shell vixie cron exploit John Kennedy (Sep 03)
    - Re: Root shell vixie cron exploit Peter Wemm (Sep 07)
    - Re: Root shell vixie cron exploit Raymond Dijkxhoorn (Sep 07)
  - Re: Root shell vixie cron exploit Christos Zoulas (Sep 03)
  - [security-officer () FreeBSD ORG: FreeBSD-SA-99:01: BSD File Flags and Programming Techniques] Patrick Oonk (Sep 03)
  - Re: Root shell vixie cron exploit Valentin Nechayev (Sep 04)
  - gftp Oscar Haeger (Sep 05)
    - Re: gftp - ms ftp debug mode Bencsath Boldizsar (Sep 08)
    - fixing all buffer overflows --- random magin numbers Dr. Joel M. Hoffman (Sep 11)
    - Re: fixing all buffer overflows --- random magin numbers Peter van Dijk (Sep 12)
    - Re: fixing all buffer overflows --- random magin numbers Eric Hutchinson (Sep 12)
    - Re: fixing all buffer overflows --- random magin numbers Daniel W. Dulitz x108 (Sep 13)
    - Enterprise Overflow Daniel Kerr (Sep 11)
    - Re: gftp - ms ftp debug mode Valentin (Sep 12)
    - Re: gftp - ms ftp debug mode Max Vision (Sep 12)
    - Linux 2.2.12 mini-audit Solar Designer (Sep 13)
    - Vulnerability in dtaction Job de Haas (Sep 13)
    - Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug UNYUN (Sep 12)
    - Accept overflow on Netscape Enterprise Server 3.6 SP2 Nobuo Miwa (Sep 12)

(Thread continues...)