Re: Buffer Over-runs, was Open source firewalls

2005-07-15 Thread Arjan van de Ven
On Fri, 2005-07-15 at 16:47 +0530, RVK wrote:
> Arjan van de Ven wrote:
> >so it's new? so what? doesn't make it less true that it nowadays is a
> >lot harder to exploit such bugs on recent distros.
> >
> How about using ProPolice etc ?

that's also a good one; gcc 4.1 will have a propoli

Re: Buffer Over-runs, was Open source firewalls

2005-07-15 Thread RVK
Arjan van de Ven wrote: On Fri, 2005-07-15 at 13:56 +0530, RVK wrote: except this is no longer true really ;) randomisation for example makes this a lot harder to do. gcc level tricks to prevent buffer overflows are widely in use nowadays too (FORTIFY_SOURCE and -fstack-protector). The comb

Re: Buffer Over-runs, was Open source firewalls

2005-07-15 Thread Arjan van de Ven
On Fri, 2005-07-15 at 13:56 +0530, RVK wrote:
> >except this is no longer true really ;)
> >
> >randomisation for example makes this a lot harder to do.
> >gcc level tricks to prevent buffer overflows are widely in use nowadays
> >too (FORTIFY_SOURCE and -fstack-protector). The combination of this

Re: Buffer Over-runs, was Open source firewalls

2005-07-15 Thread RVK
Arjan van de Ven wrote: On Fri, 2005-07-15 at 12:11 +0530, RVK wrote: Even in the presence of non-executable stack, Linus Torvalds explains that "It's really easy. You do something like this: 1) overflow the buffer on the stack, so that the return value is overwritten by a pointer to the sy

Re: Buffer Over-runs, was Open source firewalls

2005-07-14 Thread Arjan van de Ven
On Fri, 2005-07-15 at 12:11 +0530, RVK wrote:
> Even in the presence of non-executable stack, Linus Torvalds explains
> that "It's really easy. You do something like this: 1) overflow the
> buffer on the stack, so that the return value is overwritten by a
> pointer to the system() library funct

Re: Buffer Over-runs, was Open source firewalls

2005-07-14 Thread RVK
Brian O'Mahoney wrote: First there are endless ways of stopping DAMAGE from buffer over-runs, from code that accepts user data, e.g. extend buffer, don't use dangerous strxxx functions so while you can move stuff to proxies, and that has been done extensively e.g. for sendmail it is a cop-out,

Re: Buffer Over-runs, was Open source firewalls

2005-07-14 Thread Brian O'Mahoney
First there are endless ways of stopping DAMAGE from buffer over-runs, from code that accepts user data, e.g. extend buffer, don't use dangerous strxxx functions so while you can move stuff to proxies, and that has been done extensively e.g. for sendmail it is a cop-out, far better fix the applic