On Thu, Mar 11, 2004 at 09:31:51AM +0100, Hugh McColl wrote: > There are software solutions to this in the linux world, such as the > StackGuard or 'stack smashing protector' extensions to gcc e.g. > http://www.trl.ibm.com/projects/security/ssp/
There are lots of software solutions. Even Microsoft's Visual C compiler has an option that places a canary on the stack to detect the function's return address has been overwritten. These solutions raise the bar, a little[0], but they don't solve the problem. > Gentoo would be an ideal distro for hardening with Stack Smashing Protection: > http://www.gentoo.org/proj/en/hardened/propolice.xml Just rebuilding your current distribution with StackGuard or Propolice won't buy you much. You're better off investigating a more thorough treatment of building a secure operating system distribution[1234]. [0] http://www.phrack.org/phrack/56/p56-0x05 [1] http://www.openbsd.org/ [2] http://www.adamantix.org/ [3] http://www.trustedbsd.org/ [4] http://www.gentoo.org/proj/en/hardened/ Cheers, -mjg -- Matthew Gregan |/ /| [EMAIL PROTECTED]
