Eli Marmor <[EMAIL PROTECTED]> wrote:
>
> Before you argue, let me say that by writing "general" I didn't mean
> that the kernel-based solutions *solve* the problem; You still can
> garbage the stack, but you can't execute it, so in the worst case,
> the victim process will fail, but no *real* damage will be caused to
> the system. What I meant was that it doesn't protect only specific
> functions, but ANY function.
>
> Linus and Alan Cox claim that preventing the stack from being
> executed is not a real solution but only a workaround, so they don't
> agree to insert it into the standard kernel. This is also why most of
> the distributions (I think except for Mandrake in its highest
> security level and Definite-Linux, as well as some security-focused
> distros) don't include the kernel-based solutions, but plan to
> include Lucent's solution.
>
I refer you to the following article posted to bugtraq 2 years ago
"Defeating Solar Designer non-executable stack patch"
http://www.securityfocus.com/templates/archive.pike?list=1&date=1998-02-1&[EMAIL PROTECTED]
and also the "No-Exec Stack Smashing 101" thread posted last week
to [EMAIL PROTECTED]
http://www.securityfocus.com/templates/archive.pike?list=82&date=2000-04-15&[EMAIL PROTECTED]
Very interesting staff.
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
