Dailydave mailing list archives

Re: Theo's presentation on exploit prevention


From: Matt Hargett <matt () use net>
Date: Tue, 14 Sep 2004 09:56:58 +0000

Mordy Ovits wrote:
> Would anyone here care to comment on Theo's claims in this presentation?:
> http://cvs.openbsd.org/papers/auug04/index.html
>
> Particularly the claim in the summary:
> http://cvs.openbsd.org/papers/auug04/mgp00034.html
>
> "These changes really stop attacks."
>
> Do they just make it more difficult? Or do they really deprecate stack and heap smashing attacks?

I don't see how they're dealing with poor signal/exception handling attacks here, which is where I think the next big batch of bugs will come from. (I mentioned this in my Blackhat Windows talk, and two of the 10 people who attended agreed.)

I'm not sure I see anything for web application oriented bugs, either.

I'm curious what the performance hit of their stack/heap checking is, though -- anyone have a URL for info on that?