Gary MacDougall([EMAIL PROTECTED])@2001.12.21 11:59:36 +0000:
> Thanks everyone for the answer.
>
> I was pretty sure that the kernel would be able
> to detect the fault, but I needed to *make* sure
> before I asked another question.
>
> Now here's my next question and it's a security one.
> Based off what was explained by Noah and Kelly,
> it appears to me that Buffer Overruns can be dealt
> with at the kernel level and that there is probably
> a way in the kernel to stop a root exploit during
> a buffer overrun. Why hasn't (or maybe someone has)
> someone come up with a "ring" or security layer that
> protects against root exploits on buffer overruns?
>
> Maybe this is a totally stupid question, but I've
> been jumping into security a lot lately, and I noticed
> that most of the exploits (if not all) on Linux/Unix
> are basically buffer overruns. After reading that
> excellent article "Smashing the stack for fun and
> profit", it became pretty clear that there are really
> two issues:
>
> 1. Applications that allow for an overrun
> 2. The kernel allowing for the exec of a shell (ouch!).
>
> Why not simply have a ring in the kernel that one could
> attach the processes to which protected against this?

http://www.openwall.com/linux/

The Openwall patches protect against exploiting buffer overruns I think;
they're not available for 2.4 yet though.

-- 
,-------------------------------------------.
> Name:           Alson van der Meulen      <
> Personal:        [EMAIL PROTECTED]        <
> School:          [EMAIL PROTECTED]        <
`-------------------------------------------'
You might as well all go home early today ...
---------------------------------------------

