Ramachandran Prakash forced the electrons to say:
> Any idea on how to prevent code from executing on the stack???
> Do I need to apply any kernel patch, or does the kernel have support
> for it already?

You need a kernel patch from the Openwall project. I don't have a URL
handy, but search on freshmeat and you will find it (methinks it is
http://www.openwall.com/linux). The README says:

Non-executable user stack area
--------------------------------

Most buffer overflow exploits are based on overwriting a function's
return address on the stack to point to some arbitrary code, which is
also put onto the stack. If the stack area is non-executable, buffer
overflow vulnerabilities become harder to exploit.

The one I have is for kernel 2.2.18. The tar.bz2 is 24k; if you need it
mailed to you, contact me offlist. The patch adds some other security
features to the kernel as well.

Binand
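
One way to check whether a process's stack is mapped executable, added here as an example and not part of the original message or of the Openwall patch. It assumes a Linux kernel whose /proc/<pid>/maps labels the stack mapping as [stack]; the function names and sample lines are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Classify one line of /proc/<pid>/maps:
 * 1 = [stack] mapped executable, 0 = [stack] mapped non-executable,
 * -1 = the line is not the stack mapping (or is malformed). */
int stack_line_is_executable(const char *line)
{
    char perms[5] = "";
    /* Fields: start-end perms offset dev inode pathname */
    if (!strstr(line, "[stack]") || sscanf(line, "%*s %4s", perms) != 1)
        return -1;
    return perms[2] == 'x';
}

/* Run the same check on the calling process, reading maps line by line.
 * Returns -1 if /proc is unavailable or no line is labelled [stack]. */
int self_stack_is_executable(void)
{
    char buf[512];
    int r = -1;
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f)
        return -1;
    while (r < 0 && fgets(buf, sizeof buf, f))
        r = stack_line_is_executable(buf);
    fclose(f);
    return r;
}

/* Constructed sample lines, not captured from a real system. */
const char SAMPLE_NX[]   = "7ffc1a2b0000-7ffc1a2d1000 rw-p 00000000 00:00 0 [stack]\n";
const char SAMPLE_EXEC[] = "7ffc1a2b0000-7ffc1a2d1000 rwxp 00000000 00:00 0 [stack]\n";
const char SAMPLE_TEXT[] = "00400000-00401000 r-xp 00000000 08:01 1234 /usr/bin/demo\n";

int main(void)
{
    printf("rw-p sample:  %d\n", stack_line_is_executable(SAMPLE_NX));
    printf("rwxp sample:  %d\n", stack_line_is_executable(SAMPLE_EXEC));
    printf("text segment: %d\n", stack_line_is_executable(SAMPLE_TEXT));
    printf("this process: %d\n", self_stack_is_executable());
    return 0;
}
```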