Full Disclosure mailing list archives
Re: Re: yet another OpenBSD kernel hole ...
From: Peter Busser <peter () adamantix org>
Date: Tue, 18 Nov 2003 21:33:13 +0100
Hi!
noir> so i hope, some of you openbsd loving losers will finally get the truth noir> behind your cult. it is a big LIE, aloha ???? Being not a diehard obsd fan, I must notice that 3.4 kernel is built with stack smashing protection, which reduces this hole to pure local DoS only.
_IF_ the stack smashing protection works it will reduce this bug into a pure local DoS yes. I have seen no proof so far that the SSP stack smashing protection is 100% effective against all types of overflows.
Can you name any other OS which has any prevention against kernel buffer overflow ?
The Adamantix kernels are compiled with SSP (aka propolice), which is the same thing used to compile the OpenBSD kernel. It protects against some, but not all, overflows. Groetjes, Peter Busser -- The Adamantix Project Taking high-security Linux out of the labs, and into the real world http://www.adamantix.org/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- yet another OpenBSD kernel hole ... noir (Nov 17)
- Re: yet another OpenBSD kernel hole ... i.t Consulting (Nov 22)
- <Possible follow-ups>
- Re: yet another OpenBSD kernel hole ... Alexander E. Cuttergo (Nov 18)
- Re: Re: yet another OpenBSD kernel hole ... Peter Busser (Nov 18)
- Re: Re: yet another OpenBSD kernel hole ... noir (Nov 18)
- Re: yet another OpenBSD kernel hole ... Alexander E. Cuttergo (Nov 18)
- Re: Re: yet another OpenBSD kernel hole ... noir (Nov 18)