On Thu, Mar 11, 2004 at 09:31:51AM +0100, Hugh McColl wrote:

> There are software solutions to this in the linux world, such as the 
> StackGuard   or 'stack smashing protector' extensions to gcc e.g.
> http://www.trl.ibm.com/projects/security/ssp/

There are lots of software solutions.  Even Microsoft's Visual C
compiler has an option that places a canary on the stack to detect the
function's return address has been overwritten.  These solutions raise
the bar, a little[0], but they don't solve the problem.

> Gentoo would be an ideal distro for hardening with Stack Smashing Protection: 
> http://www.gentoo.org/proj/en/hardened/propolice.xml

Just rebuilding your current distribution with StackGuard or Propolice
won't buy you much.  You're better off investigating a more thorough
treatment of building a secure operating system distribution[1234].

[0] http://www.phrack.org/phrack/56/p56-0x05
[1] http://www.openbsd.org/
[2] http://www.adamantix.org/
[3] http://www.trustedbsd.org/
[4] http://www.gentoo.org/proj/en/hardened/

Cheers,
-mjg
-- 
Matthew Gregan                     |/
                                  /|                [EMAIL PROTECTED]

Reply via email to