FreeBSD Security Archives: Re: stack protecting

Re: stack protecting


Andre Gironda (andresun4c.net)
Wed, 3 Nov 1999 09:00:03 -0800


On Wed, Nov 03, 1999 at 06:58:09AM -0700, David G Andersen wrote:
> Lo and behold, Andre Gironda once said:
> >
> > Stack protection doesn't work as there are still heap overflows and
> > race conditions. It's best to apply TPE patches (Phrack, Issue 52/54),
> > like originally implemented on upt.org. Or write perfect code ;>
>
> While I agree with you that it's not a perfect solution, isn't that
> like saying that using a car alarm isn't a good idea, even though it will
> prevent 50% of the breakins to your car?
>
> Defense in depth *is* a good idea. Stackguard and like products can
> help quite a bit with this.

I wouldn't go around toting car alarms or Stackguard for full protection,
that's all. ;> And I really doubt in either case you prevent 50% of
breakins. There is a LOT of material available that explains the inner-
workings of heap overflows. There is a lot of generated code that aids
a person with exploiting heap overflows. They are readily available just like
stack overflow exploit scripts are readily available.

If you can find a way to stack protect FreeBSD, go for it, I say. But it's
not going to solve every problem.

dre




This archive was generated by hypermail 2.0b3 on Wed Nov 03 1999 - 11:09:38 CST