Today, Jerry Eckert gleaned this insight:
> | It's like putting antibiotics into chicken feed. It might temporarily
> | decrease the spread of certain types of bacteria in improperly cooked
> | food, but in the long run, the bacteria develop resistance, and then
> | we're back where we're started. And you'll notice that scientists have
> | made the argument that it's better not to put antibiotics in chicken
> | feed if it isn't going to stop the bacteria in the long run. This is a
> | similar situation.
>
> This is a totally inaccurate analogy. Misuse/overuse of antibiotics in
> veterinary settings can result in human infection with antibiotic resistant
> bacteria. Comparing human (or even animal) death to computer crashes is
> totally absurd.
Moreover crackers can't develop stack overrun attacks that are immune to a
non-executable stack. They have to find a different method.
But while the analogy is flawed, his point is a good one. You've still
got vulnerabilities and people will simply change the method they use.
Personally, I don't see that as a valid argument for NOT including the
patch, because it's still one security hole that you've plugged up.
As for making the text segment read-only, I didn't realize it wasn't.
Seems like this is something that should be done. Programs that overwrite
stuff in the text segment can be rewritten...
--
PGP/GPG Public key at http://cerberus.ne.mediaone.net/~derek/pubkey.txt
------------------------------------------------------
Derek D. Martin | Unix/Linux Geek
[EMAIL PROTECTED] | [EMAIL PROTECTED]
------------------------------------------------------
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
