Bugtraq mailing list archives
Re: Buffer overflow prevention
From: Massimo Bernaschi <massimo () iac rm cnr it>
Date: Fri, 15 Aug 2003 19:37:06 +0200
The discussion about the various techniques for buffer overflow prevention is very interesting, but if the target is to prevent the security threats caused by buffer overflows, then one should look for an operating system base solution, since it is an OS issue to enforce the security. Solutions based on the control of system calls execution like systrace (http://www.citi.umich.edu/u/provos/systrace/) or remus (http://remus.sourceforge.net/) are just two possible examples of such approach. Massimo --- Massimo Bernaschi: Istituto Applicazioni del Calcolo ---- | IAC-CNR | e-mail: massimo () iac cnr it | | V.le del Policlinico 137 | phone: +39 06 88470229 | | 00161 Roma - ITALY | fax: +39 06 4404306 | --------------------------------------------------------------------------- |See http://www.iac.cnr.it/~massimo for my GPG public key or check | |GnuPG Public Key Fingerprint (keyserver.linux.it) | |pub 1024/CAA3FB48 2001/01/04 Massimo Bernaschi <massimo () iac rm cnr it> | | Key fingerprint = 3EFF 7AFF F8A4 F34E 382B DD81 57F3 700A CAA3 FB48| ---------------------------------------------------------------------------
Current thread:
- Re: Buffer overflow prevention, (continued)
- Re: Buffer overflow prevention Crispin Cowan (Aug 18)
- Heterogeneity as a form of obscurity, and its usefulness Bob Rogers (Aug 22)
- Re: Heterogeneity as a form of obscurity, and its usefulness Crispin Cowan (Aug 22)
- Re: Heterogeneity as a form of obscurity, and its usefulness Nicholas Weaver (Aug 22)
- Re: [Full-Disclosure] Re: Buffer overflow prevention KF (Aug 15)
- Re: Buffer overflow prevention Patrick Dolan (Aug 14)
- Re: Buffer overflow prevention Theo de Raadt (Aug 18)
- Re: Buffer overflow prevention Peter Busser (Aug 18)
- Re: Buffer overflow prevention noir (Aug 18)
- Re: Buffer overflow prevention Mariusz Woloszyn (Aug 18)