-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 22 Aug 2003 at 10:32:27AM -0400, Matt Zimmerman wrote: > It is often the case that the attacker doesn't know the exact location of > structures in memory; there are techniques for finding out. I'm sure that > the authors of PaX do not misrepresent it as complete protection. > > It's pointless to argue about it; it's clear that PaX provides some value in > protection against security vulnerabilities, and I think it's also clear > that because it will break many existing applications, it is not suitable > for use by default. But there is no reason why a PaX-enabled kernel could > not be provided as an option. All it needs is someone willing to do the > work (hint, hint).
I would be willing to maintain a grsec kernel image with PaX and temp. file symlink blocking if someone would be willing to sponsor it (hint, hint) - -- Phillip Hofmeister PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import - -- Excuse #100: We just switched to FDDI. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/Rpq3S3Jybf3L5MQRAqkxAJ96rsDDKGr583UiBxDZEiaPuiS0sACeKD0r 1VLdCtM3Kg1jQ/oztj24NFk= =mBQL -----END PGP SIGNATURE-----
