Doug Preston writes:
> Is (has) anyone looked into using something like immunix.org's compiler to
> protect qmail/vpopmail etc. from
> stack smashing attacks?
>
> Is anyone familiar with the exposure of these programs to this type of attack?
Haven't looked at vpopmail's internals. qmail is immune to this type
of attack. All fixed-size buffers can only be filled by a fixed
amount of data (e.g. formatting an integer). All other buffers are
dynamagically allocated.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com | A hate crime makes
Crynwr sells support for free software | PGPok | it illegal to think certain
521 Pleasant Valley Rd. | +1 315 268 1925 voice | thoughts. The crime is
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | itself already a crime.
