On Tuesday 08 August 2006 13:27, thorsten wrote: > Ok, I forgot -no-pie which prevented the shell to be launched. SSP does > NOT prevent the format string exploit!
Thank you for verifying this. Libsafe is lgpl. Traditionally libsafe is preloaded, via /etc/ld.so.preload, which makes it fairly easy to bypass and vulnerable to environment settings. I'm going to see about adding Libsafe to libc.so so it can't be disabled so easily. However if I remember correctly it causes a few Binutils tests to fail. Maybe there are alternative libraries to Libsafe too. It would be a backup to Grsecurity in case Grsecurity is misconfigured, or disabled. robert
pgpE2CTpO9YEL.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
