At 12:26 06/03/00, Justin Mason wrote:
>On that note, has anyone tried out some of the non-executable-stack patches
>for Linux? And *why* aren't they an option in the standard kernel?! I
>know it still leaves the possibility of overflows in heap buffers, but
>since most of the bugs are stack-based it would reduce the opportunities
>greatly.

I was reading the kernel mailing list summaries a while ago and there was a
big argument about this going on. I think the gist was that the stack
doesn't actually need to be executable, you can just overflow an incorrect
return address onto it which points into somewhere else in the actual
program and let that piece of code do the damage (I think it may be
possible to pass args as well, so you can still do an arbitrary system
command). If they made the stack unexecutable, the hackers would start
using the slightly more difficult way of doing things, but people would now
think that stack exploits are no longer a problem and wouldn't be so
bothered about checking buffers.

Sounded slightly silly to me, anything which makes life a little more
difficult for hackers and breaks all the root kits that are out there
sounds worthwhile. Coders should be checking for overflow for other reasons
than security.

Anyway, I think Linus was on the side of leaving things as they are, so
that finished that.

Fergal